lib: tidy up types and casts

Cherry-picked from #13489 Closes #13862
2024-06-02 22:30:52 +02:00 · 2024-06-02 22:30:52 +02:00 · 72abf7c13a
commit 72abf7c13a
parent ad837e9df8
49 changed files with 199 additions and 162 deletions
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@ -270,7 +270,7 @@ static CURLcode altsvc_out(struct altsvc *as, FILE *fp)
          "%s %s%s%s %u "
          "\"%d%02d%02d "
          "%02d:%02d:%02d\" "
-          "%u %d\n",
+          "%u %u\n",
          Curl_alpnid2str(as->src.alpnid),
          src6_pre, as->src.host, src6_post,
          as->src.port,
@ -462,7 +462,7 @@ static time_t altsvc_debugtime(void *unused)
  char *timestr = getenv("CURL_TIME");
  (void)unused;
  if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    long val = strtol(timestr, NULL, 10);
    return (time_t)val;
  }
  return time(NULL);
@ -624,7 +624,7 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data,
          num = strtoul(value_ptr, &end_ptr, 10);
          if((end_ptr != value_ptr) && (num < ULONG_MAX)) {
            if(strcasecompare("ma", option))
-              maxage = num;
+              maxage = (time_t)num;
            else if(strcasecompare("persist", option) && (num == 1))
              persist = TRUE;
          }
@ -696,7 +696,7 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
    if((as->src.alpnid == srcalpnid) &&
       hostcompare(srchost, as->src.host) &&
       (as->src.port == srcport) &&
-       (versions & as->dst.alpnid)) {
+       (versions & (int)as->dst.alpnid)) {
      /* match */
      *dstentry = as;
      return TRUE;
--- a/lib/altsvc.h
+++ b/lib/altsvc.h
@ -47,7 +47,7 @@ struct altsvc {
  struct althost dst;
  time_t expires;
  bool persist;
-  int prio;
+  unsigned int prio;
  struct Curl_llist_element node;
 };
--- a/lib/asyn-ares.c
+++ b/lib/asyn-ares.c
@ -350,7 +350,7 @@ static int waitperform(struct Curl_easy *data, timediff_t timeout_ms)
  }
  if(num) {
-    nfds = Curl_poll(pfd, num, timeout_ms);
+    nfds = Curl_poll(pfd, (unsigned int)num, timeout_ms);
    if(nfds < 0)
      return -1;
  }
--- a/lib/asyn-thread.c
+++ b/lib/asyn-thread.c
@ -697,7 +697,7 @@ static bool init_resolve_thread(struct Curl_easy *data,
                                  NULL, &td->tsd.w8.overlapped,
                                  &query_complete, &td->tsd.w8.cancel_ev);
        if(err != WSA_IO_PENDING)
-          query_complete(err, 0, &td->tsd.w8.overlapped);
+          query_complete((DWORD)err, 0, &td->tsd.w8.overlapped);
        return TRUE;
      }
    }
--- a/lib/cf-h2-proxy.c
+++ b/lib/cf-h2-proxy.c
@ -1418,7 +1418,7 @@ static ssize_t cf_h2_proxy_send(struct Curl_cfilter *cf,
    /* Unable to send all data, due to connection blocked or H2 window
     * exhaustion. Data is left in our stream buffer, or nghttp2's internal
     * frame buffer or our network out buffer. */
-    size_t rwin = nghttp2_session_get_stream_remote_window_size(
+    size_t rwin = (size_t)nghttp2_session_get_stream_remote_window_size(
                    ctx->h2, ctx->tunnel.stream_id);
    if(rwin == 0) {
      /* H2 flow window exhaustion.
--- a/lib/cf-socket.c
+++ b/lib/cf-socket.c
@ -183,10 +183,10 @@ tcpkeepalive(struct Curl_easy *data,
    vals.onoff = 1;
    optval = curlx_sltosi(data->set.tcp_keepidle);
    KEEPALIVE_FACTOR(optval);
-    vals.keepalivetime = optval;
+    vals.keepalivetime = (u_long)optval;
    optval = curlx_sltosi(data->set.tcp_keepintvl);
    KEEPALIVE_FACTOR(optval);
-    vals.keepaliveinterval = optval;
+    vals.keepaliveinterval = (u_long)optval;
    if(WSAIoctl(sockfd, SIO_KEEPALIVE_VALS, (LPVOID) &vals, sizeof(vals),
                NULL, 0, &dummy, NULL, NULL) != 0) {
      infof(data, "Failed to set SIO_KEEPALIVE_VALS on fd "
@ -288,7 +288,7 @@ void Curl_sock_assign_addr(struct Curl_sockaddr_ex *dest,
    dest->protocol = IPPROTO_UDP;
    break;
  }
-  dest->addrlen = ai->ai_addrlen;
+  dest->addrlen = (unsigned int)ai->ai_addrlen;
  if(dest->addrlen > sizeof(struct Curl_sockaddr_storage))
    dest->addrlen = sizeof(struct Curl_sockaddr_storage);
@ -1063,7 +1063,7 @@ static CURLcode set_remote_ip(struct Curl_cfilter *cf,
  struct cf_socket_ctx *ctx = cf->ctx;
  /* store remote address and port used in this connection attempt */
-  if(!Curl_addr2string(&ctx->addr.sa_addr, ctx->addr.addrlen,
+  if(!Curl_addr2string(&ctx->addr.sa_addr, (curl_socklen_t)ctx->addr.addrlen,
                       ctx->ip.remote_ip, &ctx->ip.remote_port)) {
    char buffer[STRERROR_LEN];
@ -1247,7 +1247,8 @@ static int do_connect(struct Curl_cfilter *cf, struct Curl_easy *data,
 #endif
  }
  else {
-    rc = connect(ctx->sock, &ctx->addr.sa_addr, ctx->addr.addrlen);
+    rc = connect(ctx->sock, &ctx->addr.sa_addr,
                 (curl_socklen_t)ctx->addr.addrlen);
  }
  return rc;
 }
@ -1785,7 +1786,8 @@ static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf,
  /* On macOS OpenSSL QUIC fails on connected sockets.
   * see: <https://github.com/openssl/openssl/issues/23251> */
 #else
-  rc = connect(ctx->sock, &ctx->addr.sa_addr, ctx->addr.addrlen);
+  rc = connect(ctx->sock, &ctx->addr.sa_addr,
               (curl_socklen_t)ctx->addr.addrlen);
  if(-1 == rc) {
    return socket_connect_result(data, ctx->ip.remote_ip, SOCKERRNO);
  }
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@ -536,13 +536,13 @@ static CURLcode gzip_do_write(struct Curl_easy *data,
    /* Append the new block of data to the previous one */
    memcpy(z->next_in + z->avail_in - nbytes, buf, nbytes);
-    switch(check_gzip_header(z->next_in, z->avail_in, &hlen)) {
+    switch(check_gzip_header(z->next_in, (ssize_t)z->avail_in, &hlen)) {
    case GZIP_OK:
      /* This is the zlib stream data */
      free(z->next_in);
      /* Don't point into the malloced block since we just freed it */
      z->next_in = (Bytef *) buf + hlen + nbytes - z->avail_in;
-      z->avail_in = (uInt) (z->avail_in - hlen);
+      z->avail_in = z->avail_in - (uInt)hlen;
      zp->zlib_init = ZLIB_GZIP_INFLATING;   /* Inflating stream state */
      break;
--- a/lib/cookie.c
+++ b/lib/cookie.c
@ -262,8 +262,9 @@ static size_t cookie_hash_domain(const char *domain, const size_t len)
  size_t h = 5381;
  while(domain < end) {
    size_t j = (size_t)Curl_raw_toupper(*domain++);
    h += h << 5;
-    h ^= Curl_raw_toupper(*domain++);
+    h ^= j;
  }
  return (h % COOKIE_HASH_SIZE);
--- a/lib/curl_addrinfo.c
+++ b/lib/curl_addrinfo.c
@ -317,7 +317,11 @@ Curl_he2ai(const struct hostent *he, int port)
      addr = (void *)ai->ai_addr; /* storage area for this info */
      memcpy(&addr->sin_addr, curr, sizeof(struct in_addr));
 #ifdef __MINGW32__
      addr->sin_family = (short)(he->h_addrtype);
 #else
      addr->sin_family = (CURL_SA_FAMILY_T)(he->h_addrtype);
 #endif
      addr->sin_port = htons((unsigned short)port);
      break;
@ -326,7 +330,11 @@ Curl_he2ai(const struct hostent *he, int port)
      addr6 = (void *)ai->ai_addr; /* storage area for this info */
      memcpy(&addr6->sin6_addr, curr, sizeof(struct in6_addr));
 #ifdef __MINGW32__
      addr6->sin6_family = (short)(he->h_addrtype);
 #else
      addr6->sin6_family = (CURL_SA_FAMILY_T)(he->h_addrtype);
 #endif
      addr6->sin6_port = htons((unsigned short)port);
      break;
 #endif
--- a/lib/curl_fnmatch.c
+++ b/lib/curl_fnmatch.c
@ -80,7 +80,7 @@ static int parsekeyword(unsigned char **pattern, unsigned char *charset)
  unsigned char *p = *pattern;
  bool found = FALSE;
  for(i = 0; !found; i++) {
-    char c = *p++;
+    char c = (char)*p++;
    if(i >= KEYLEN)
      return SETCHARSET_FAIL;
    switch(state) {
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@ -137,14 +137,14 @@
 */
 static void extend_key_56_to_64(const unsigned char *key_56, char *key)
 {
-  key[0] = key_56[0];
+  key[0] = (char)key_56[0];
-  key[1] = (unsigned char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1));
+  key[1] = (char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1));
-  key[2] = (unsigned char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2));
+  key[2] = (char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2));
-  key[3] = (unsigned char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3));
+  key[3] = (char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3));
-  key[4] = (unsigned char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4));
+  key[4] = (char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4));
-  key[5] = (unsigned char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5));
+  key[5] = (char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5));
-  key[6] = (unsigned char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6));
+  key[6] = (char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6));
-  key[7] = (unsigned char) ((key_56[6] << 1) & 0xFF);
+  key[7] = (char) ((key_56[6] << 1) & 0xFF);
 }
 #endif
@ -466,13 +466,13 @@ static void time2filetime(struct ms_filetime *ft, time_t t)
  unsigned int r, s;
  unsigned int i;
-  ft->dwLowDateTime = t & 0xFFFFFFFF;
+  ft->dwLowDateTime = (unsigned int)t & 0xFFFFFFFF;
  ft->dwHighDateTime = 0;
 # ifndef HAVE_TIME_T_UNSIGNED
  /* Extend sign if needed. */
  if(ft->dwLowDateTime & 0x80000000)
-    ft->dwHighDateTime = ~0;
+    ft->dwHighDateTime = ~(unsigned int)0;
 # endif
  /* Bias seconds to Jan 1, 1601.
--- a/lib/doh.c
+++ b/lib/doh.c
@ -518,12 +518,12 @@ static DOHcode skipqname(const unsigned char *doh, size_t dohlen,
  return DOH_OK;
 }
-static unsigned short get16bit(const unsigned char *doh, int index)
+static unsigned short get16bit(const unsigned char *doh, unsigned int index)
 {
  return (unsigned short)((doh[index] << 8) | doh[index + 1]);
 }
-static unsigned int get32bit(const unsigned char *doh, int index)
+static unsigned int get32bit(const unsigned char *doh, unsigned int index)
 {
  /* make clang and gcc optimize this to bswap by incrementing
     the pointer first. */
@ -606,7 +606,7 @@ static DOHcode store_cname(const unsigned char *doh,
      /* move to the new index */
      newpos = (length & 0x3f) << 8 | doh[index + 1];
-      index = newpos;
+      index = (unsigned int)newpos;
      continue;
    }
    else if(length & 0xc0)
@ -670,7 +670,7 @@ static DOHcode rdata(const unsigned char *doh,
    break;
 #endif
  case DNS_TYPE_CNAME:
-    rc = store_cname(doh, dohlen, index, d);
+    rc = store_cname(doh, dohlen, (unsigned int)index, d);
    if(rc)
      return rc;
    break;
@ -771,7 +771,7 @@ UNITTEST DOHcode doh_decode(const unsigned char *doh,
    if(dohlen < (index + rdlength))
      return DOH_DNS_OUT_OF_RANGE;
-    rc = rdata(doh, dohlen, rdlength, type, index, d);
+    rc = rdata(doh, dohlen, rdlength, type, (int)index, d);
    if(rc)
      return rc; /* bad rdata */
    index += rdlength;
@ -967,7 +967,11 @@ static CURLcode doh2ai(const struct dohentry *de, const char *hostname,
      addr = (void *)ai->ai_addr; /* storage area for this info */
      DEBUGASSERT(sizeof(struct in_addr) == sizeof(de->addr[i].ip.v4));
      memcpy(&addr->sin_addr, &de->addr[i].ip.v4, sizeof(struct in_addr));
 #ifdef __MINGW32__
      addr->sin_family = (short)addrtype;
 #else
      addr->sin_family = addrtype;
 #endif
      addr->sin_port = htons((unsigned short)port);
      break;
@ -976,7 +980,11 @@ static CURLcode doh2ai(const struct dohentry *de, const char *hostname,
      addr6 = (void *)ai->ai_addr; /* storage area for this info */
      DEBUGASSERT(sizeof(struct in6_addr) == sizeof(de->addr[i].ip.v6));
      memcpy(&addr6->sin6_addr, &de->addr[i].ip.v6, sizeof(struct in6_addr));
 #ifdef __MINGW32__
      addr6->sin6_family = (short)addrtype;
 #else
      addr6->sin6_family = addrtype;
 #endif
      addr6->sin6_port = htons((unsigned short)port);
      break;
 #endif
--- a/lib/easy.c
+++ b/lib/easy.c
@ -579,7 +579,7 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev)
    before = Curl_now();
    /* wait for activity or timeout */
-    pollrc = Curl_poll(fds, numfds, ev->ms);
+    pollrc = Curl_poll(fds, (unsigned int)numfds, ev->ms);
    if(pollrc < 0)
      return CURLE_UNRECOVERABLE_POLL;
--- a/lib/escape.c
+++ b/lib/escape.c
@ -70,7 +70,8 @@ char *curl_easy_escape(struct Curl_easy *data, const char *string,
    return strdup("");
  while(length--) {
-    unsigned char in = *string++; /* treat the characters unsigned */
+    /* treat the characters unsigned */
    unsigned char in = (unsigned char)*string++;
    if(ISUNRESERVED(in)) {
      /* append this */
@ -137,7 +138,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
  *ostring = ns;
  while(alloc) {
-    unsigned char in = *string;
+    unsigned char in = (unsigned char)*string;
    if(('%' == in) && (alloc > 2) &&
       ISXDIGIT(string[1]) && ISXDIGIT(string[2])) {
      /* this is two hexadecimal digits following a '%' */
@ -157,7 +158,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
      return CURLE_URL_MALFORMAT;
    }
-    *ns++ = in;
+    *ns++ = (char)in;
  }
  *ns = 0; /* terminate it */
@ -222,8 +223,8 @@ void Curl_hexencode(const unsigned char *src, size_t len, /* input length */
    while(len-- && (olen >= 3)) {
      /* clang-tidy warns on this line without this comment: */
      /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
-      *out++ = hex[(*src & 0xF0)>>4];
+      *out++ = (unsigned char)hex[(*src & 0xF0)>>4];
-      *out++ = hex[*src & 0x0F];
+      *out++ = (unsigned char)hex[*src & 0x0F];
      ++src;
      olen -= 2;
    }
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@ -204,7 +204,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
 #ifdef DEBUGBUILD
  char *timestr = getenv("CURL_TIME");
  if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
    switch(info) {
    case CURLINFO_LOCAL_PORT:
      *param_longp = (long)val;
@ -216,7 +216,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
  /* use another variable for this to allow different values */
  timestr = getenv("CURL_DEBUG_SIZE");
  if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
    switch(info) {
    case CURLINFO_HEADER_SIZE:
    case CURLINFO_REQUEST_SIZE:
@ -335,7 +335,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
    }
    break;
  case CURLINFO_PROTOCOL:
-    *param_longp = data->info.conn_protocol;
+    *param_longp = (long)data->info.conn_protocol;
    break;
  case CURLINFO_USED_PROXY:
    *param_longp =
@ -361,7 +361,7 @@ static CURLcode getinfo_offt(struct Curl_easy *data, CURLINFO info,
 #ifdef DEBUGBUILD
  char *timestr = getenv("CURL_TIME");
  if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
    switch(info) {
    case CURLINFO_TOTAL_TIME_T:
    case CURLINFO_NAMELOOKUP_TIME_T:
@ -450,7 +450,7 @@ static CURLcode getinfo_double(struct Curl_easy *data, CURLINFO info,
 #ifdef DEBUGBUILD
  char *timestr = getenv("CURL_TIME");
  if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
    switch(info) {
    case CURLINFO_TOTAL_TIME:
    case CURLINFO_NAMELOOKUP_TIME:
--- a/lib/hash.c
+++ b/lib/hash.c
@ -270,8 +270,9 @@ size_t Curl_hash_str(void *key, size_t key_length, size_t slots_num)
  size_t h = 5381;
  while(key_str < end) {
    size_t j = (size_t)*key_str++;
    h += h << 5;
-    h ^= *key_str++;
+    h ^= j;
  }
  return (h % slots_num);
--- a/lib/headers.c
+++ b/lib/headers.c
@ -54,7 +54,7 @@ static void copy_header_external(struct Curl_header_store *hs,
     impossible for applications to do == comparisons, as that would otherwise
     be very tempting and then lead to the reserved bits not being reserved
     anymore. */
-  h->origin = hs->type | (1<<27);
+  h->origin = (unsigned int)(hs->type | (1<<27));
  h->anchor = e;
 }
--- a/lib/hostip.c
+++ b/lib/hostip.c
@ -428,8 +428,8 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
        if(Curl_rand(data, (unsigned char *)rnd, rnd_size) == CURLE_OK) {
          struct Curl_addrinfo *swap_tmp;
          for(i = num_addrs - 1; i > 0; i--) {
-            swap_tmp = nodes[rnd[i] % (i + 1)];
+            swap_tmp = nodes[rnd[i] % (unsigned int)(i + 1)];
-            nodes[rnd[i] % (i + 1)] = nodes[i];
+            nodes[rnd[i] % (unsigned int)(i + 1)] = nodes[i];
            nodes[i] = swap_tmp;
          }
--- a/lib/http1.c
+++ b/lib/http1.c
@ -217,7 +217,7 @@ static CURLcode start_req(struct h1_req_parser *parser,
    tmp[target_len] = '\0';
    /* See if treating TARGET as an absolute URL makes sense */
    if(Curl_is_absolute_url(tmp, NULL, 0, FALSE)) {
-      int url_options;
+      unsigned int url_options;
      url = curl_url();
      if(!url) {
--- a/lib/http2.c
+++ b/lib/http2.c
@ -93,7 +93,7 @@
 #define H2_SETTINGS_IV_LEN  3
 #define H2_BINSETTINGS_LEN 80
-static int populate_settings(nghttp2_settings_entry *iv,
+static size_t populate_settings(nghttp2_settings_entry *iv,
                                struct Curl_easy *data)
 {
  iv[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
@ -112,7 +112,7 @@ static ssize_t populate_binsettings(uint8_t *binsettings,
                                    struct Curl_easy *data)
 {
  nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
-  int ivlen;
+  size_t ivlen;
  ivlen = populate_settings(iv, data);
  /* this returns number of bytes it wrote or a negative number on error. */
@ -133,7 +133,7 @@ struct cf_h2_ctx {
  struct Curl_hash streams; /* hash of `data->id` to `h2_stream_ctx` */
  size_t drain_total; /* sum of all stream's UrlState drain */
  uint32_t max_concurrent_streams;
-  int32_t goaway_error;
+  uint32_t goaway_error;
  int32_t last_stream_id;
  BIT(conn_closed);
  BIT(goaway);
@ -486,7 +486,7 @@ static CURLcode cf_h2_ctx_init(struct Curl_cfilter *cf,
    DEBUGASSERT(stream);
    stream->id = 1;
    /* queue SETTINGS frame (again) */
-    rc = nghttp2_session_upgrade2(ctx->h2, binsettings, binlen,
+    rc = nghttp2_session_upgrade2(ctx->h2, binsettings, (size_t)binlen,
                                  data->state.httpreq == HTTPREQ_HEAD,
                                  NULL);
    if(rc) {
@ -507,7 +507,7 @@ static CURLcode cf_h2_ctx_init(struct Curl_cfilter *cf,
  }
  else {
    nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
-    int ivlen;
+    size_t ivlen;
    ivlen = populate_settings(iv, data);
    rc = nghttp2_submit_settings(ctx->h2, NGHTTP2_FLAG_NONE,
@ -1007,7 +1007,7 @@ static void h2_xfer_write_resp(struct Curl_cfilter *cf,
                "RST-ing stream",
                stream->id, stream->xfer_result, blen);
    nghttp2_submit_rst_stream(ctx->h2, 0, stream->id,
-                              NGHTTP2_ERR_CALLBACK_FAILURE);
+                              (uint32_t)NGHTTP2_ERR_CALLBACK_FAILURE);
  }
 }
@ -1256,7 +1256,7 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
      ctx->goaway_error = frame->goaway.error_code;
      ctx->last_stream_id = frame->goaway.last_stream_id;
      if(data) {
-        infof(data, "received GOAWAY, error=%d, last_stream=%u",
+        infof(data, "received GOAWAY, error=%u, last_stream=%u",
                    ctx->goaway_error, ctx->last_stream_id);
        Curl_multi_connchanged(data->multi);
      }
@ -1654,7 +1654,7 @@ CURLcode Curl_http2_request_upgrade(struct dynbuf *req,
    return CURLE_FAILED_INIT;
  }
-  result = Curl_base64url_encode((const char *)binsettings, binlen,
+  result = Curl_base64url_encode((const char *)binsettings, (size_t)binlen,
                                 &base64, &blen);
  if(result) {
    Curl_dyn_free(req);
@ -2292,8 +2292,8 @@ static ssize_t cf_h2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
    /* Unable to send all data, due to connection blocked or H2 window
     * exhaustion. Data is left in our stream buffer, or nghttp2's internal
     * frame buffer or our network out buffer. */
-    size_t rwin = nghttp2_session_get_stream_remote_window_size(ctx->h2,
+    size_t rwin = (size_t)nghttp2_session_get_stream_remote_window_size(
-                                                                stream->id);
+                    ctx->h2, stream->id);
    /* At the start of a stream, we are called with request headers
     * and, possibly, parts of the body. Later, only body data.
     * If we cannot send pure body data, we EAGAIN. If there had been
@ -2474,10 +2474,10 @@ static CURLcode http2_data_pause(struct Curl_cfilter *cf,
  if(ctx && ctx->h2 && stream) {
    uint32_t window = pause? 0 : stream->local_window_size;
-    int rv = nghttp2_session_set_local_window_size(ctx->h2,
+    int rv = (int)nghttp2_session_set_local_window_size(ctx->h2,
                                                        NGHTTP2_FLAG_NONE,
                                                        stream->id,
-                                                   window);
+                                                        (int32_t)window);
    if(rv) {
      failf(data, "nghttp2_session_set_local_window_size() failed: %s(%d)",
            nghttp2_strerror(rv), rv);
@ -2505,7 +2505,7 @@ static CURLcode http2_data_pause(struct Curl_cfilter *cf,
 #ifdef DEBUGBUILD
    {
      /* read out the stream local window again */
-      uint32_t window2 =
+      uint32_t window2 = (uint32_t)
        nghttp2_session_get_stream_local_window_size(ctx->h2,
                                                     stream->id);
      DEBUGF(infof(data, "HTTP/2 window size is now %u for stream %u",
--- a/lib/imap.c
+++ b/lib/imap.c
@ -776,7 +776,7 @@ static CURLcode imap_perform_append(struct Curl_easy *data)
  /* Prepare the mime data if some. */
  if(data->set.mimepost.kind != MIMEKIND_NONE) {
    /* Use the whole structure as data. */
-    data->set.mimepost.flags &= ~MIME_BODY_ONLY;
+    data->set.mimepost.flags &= ~(unsigned int)MIME_BODY_ONLY;
    /* Add external headers and mime version. */
    curl_mime_headers(&data->set.mimepost, data->set.headers, 0);
--- a/lib/inet_ntop.h
+++ b/lib/inet_ntop.h
@ -32,8 +32,13 @@ char *Curl_inet_ntop(int af, const void *addr, char *buf, size_t size);
 #ifdef HAVE_ARPA_INET_H
 #include <arpa/inet.h>
 #endif
 #ifdef _WIN32
 #define Curl_inet_ntop(af,addr,buf,size) \
-        inet_ntop(af, addr, buf, (curl_socklen_t)size)
+        inet_ntop(af, addr, buf, size)
 #else
 #define Curl_inet_ntop(af,addr,buf,size) \
        inet_ntop(af, addr, buf, (curl_socklen_t)(size))
 #endif
 #endif
 #endif /* HEADER_CURL_INET_NTOP_H */
--- a/lib/krb5.c
+++ b/lib/krb5.c
@ -169,7 +169,7 @@ krb5_encode(void *app_data, const void *from, int length, int level, void **to)
   * libraries modify the input buffer in gss_wrap()
   */
  dec.value = (void *)from;
-  dec.length = length;
+  dec.length = (size_t)length;
  maj = gss_wrap(&min, *context,
                 level == PROT_PRIVATE,
                 GSS_C_QOP_DEFAULT,
@ -524,7 +524,7 @@ static CURLcode read_data(struct Curl_easy *data, int sockindex,
    return result;
  if(len) {
-    len = ntohl(len);
+    len = (int)ntohl((uint32_t)len);
    if(len > CURL_MAX_INPUT_LENGTH)
      return CURLE_TOO_LARGE;
@ -536,7 +536,7 @@ static CURLcode read_data(struct Curl_easy *data, int sockindex,
  do {
    char buffer[1024];
    nread = CURLMIN(len, (int)sizeof(buffer));
-    result = socket_read(data, sockindex, buffer, nread);
+    result = socket_read(data, sockindex, buffer, (size_t)nread);
    if(result)
      return result;
    result = Curl_dyn_addn(&buf->buf, buffer, nread);
@ -630,7 +630,7 @@ static void do_sec_send(struct Curl_easy *data, struct connectdata *conn,
    else
      prot_level = conn->command_prot;
  }
-  bytes = conn->mech->encode(conn->app_data, from, length, prot_level,
+  bytes = conn->mech->encode(conn->app_data, from, length, (int)prot_level,
                             (void **)&buffer);
  if(!buffer || bytes <= 0)
    return; /* error */
@ -658,7 +658,7 @@ static void do_sec_send(struct Curl_easy *data, struct connectdata *conn,
    }
  }
  else {
-    htonl_bytes = htonl(bytes);
+    htonl_bytes = (int)htonl((OM_uint32)bytes);
    socket_write(data, fd, &htonl_bytes, sizeof(htonl_bytes));
    socket_write(data, fd, buffer, curlx_sitouz(bytes));
  }
@ -724,7 +724,7 @@ int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn,
  decoded_len = curlx_uztosi(decoded_sz);
  decoded_len = conn->mech->decode(conn->app_data, buf, decoded_len,
-                                   level, conn);
+                                   (int)level, conn);
  if(decoded_len <= 0) {
    free(buf);
    return -1;
@ -789,7 +789,7 @@ static int sec_set_protection_level(struct Curl_easy *data)
    if(pbsz) {
      /* stick to default value if the check fails */
      if(ISDIGIT(pbsz[5]))
-        buffer_size = atoi(&pbsz[5]);
+        buffer_size = (unsigned int)atoi(&pbsz[5]);
      if(buffer_size < conn->buffer_size)
        conn->buffer_size = buffer_size;
    }
--- a/lib/ldap.c
+++ b/lib/ldap.c
@ -252,16 +252,17 @@ static int ldap_win_bind_auth(LDAP *server, const char *user,
  }
  if(method && user && passwd) {
-    rc = Curl_create_sspi_identity(user, passwd, &cred);
+    CURLcode res = Curl_create_sspi_identity(user, passwd, &cred);
    rc = (int)res;
    if(!rc) {
-      rc = ldap_bind_s(server, NULL, (TCHAR *)&cred, method);
+      rc = (int)ldap_bind_s(server, NULL, (TCHAR *)&cred, method);
      Curl_sspi_free_identity(&cred);
    }
  }
  else {
    /* proceed with current user credentials */
    method = LDAP_AUTH_NEGOTIATE;
-    rc = ldap_bind_s(server, NULL, NULL, method);
+    rc = (int)ldap_bind_s(server, NULL, NULL, method);
  }
  return rc;
 }
@ -279,14 +280,14 @@ static int ldap_win_bind(struct Curl_easy *data, LDAP *server,
    inuser = curlx_convert_UTF8_to_tchar((char *) user);
    inpass = curlx_convert_UTF8_to_tchar((char *) passwd);
-    rc = ldap_simple_bind_s(server, inuser, inpass);
+    rc = (int)ldap_simple_bind_s(server, inuser, inpass);
    curlx_unicodefree(inuser);
    curlx_unicodefree(inpass);
  }
 #if defined(USE_WINDOWS_SSPI)
  else {
-    rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth);
+    rc = (int)ldap_win_bind_auth(server, user, passwd, data->set.httpauth);
  }
 #endif
@ -296,8 +297,10 @@ static int ldap_win_bind(struct Curl_easy *data, LDAP *server,
 #if defined(USE_WIN32_LDAP)
 #define FREE_ON_WINLDAP(x) curlx_unicodefree(x)
 #define curl_ldap_num_t ULONG
 #else
 #define FREE_ON_WINLDAP(x)
 #define curl_ldap_num_t int
 #endif
@ -337,7 +340,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
  rc = _ldap_url_parse(data, conn, &ludp);
 #endif
  if(rc) {
-    failf(data, "Bad LDAP URL: %s", ldap_err2string(rc));
+    failf(data, "Bad LDAP URL: %s", ldap_err2string((curl_ldap_num_t)rc));
    result = CURLE_URL_MALFORMAT;
    goto quit;
  }
@ -373,7 +376,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
 #ifdef HAVE_LDAP_SSL
 #ifdef USE_WIN32_LDAP
    /* Win32 LDAP SDK doesn't support insecure mode without CA! */
-    server = ldap_sslinit(host, conn->primary.remote_port, 1);
+    server = ldap_sslinit(host, (curl_ldap_num_t)conn->primary.remote_port, 1);
    ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON);
 #else
    int ldap_option;
@ -503,7 +506,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
    goto quit;
  }
  else {
-    server = ldap_init(host, conn->primary.remote_port);
+    server = ldap_init(host, (curl_ldap_num_t)conn->primary.remote_port);
    if(!server) {
      failf(data, "LDAP local: Cannot connect to %s:%u",
            conn->host.dispname, conn->primary.remote_port);
@ -529,7 +532,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
  if(rc) {
 #ifdef USE_WIN32_LDAP
    failf(data, "LDAP local: bind via ldap_win_bind %s",
-          ldap_err2string(rc));
+          ldap_err2string((ULONG)rc));
 #else
    failf(data, "LDAP local: bind via ldap_simple_bind_s %s",
          ldap_err2string(rc));
@ -539,11 +542,12 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
  }
  Curl_pgrsSetDownloadCounter(data, 0);
-  rc = ldap_search_s(server, ludp->lud_dn, ludp->lud_scope,
+  rc = (int)ldap_search_s(server, ludp->lud_dn,
                          (curl_ldap_num_t)ludp->lud_scope,
                          ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg);
  if(rc && rc != LDAP_SIZELIMIT_EXCEEDED) {
-    failf(data, "LDAP remote: %s", ldap_err2string(rc));
+    failf(data, "LDAP remote: %s", ldap_err2string((curl_ldap_num_t)rc));
    result = CURLE_LDAP_SEARCH_FAILED;
    goto quit;
  }
--- a/lib/memdebug.h
+++ b/lib/memdebug.h
@ -137,13 +137,14 @@ CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source);
 #undef socket
 #define socket(domain,type,protocol)\
- curl_dbg_socket(domain, type, protocol, __LINE__, __FILE__)
+ curl_dbg_socket((int)domain, type, protocol, __LINE__, __FILE__)
 #undef accept /* for those with accept as a macro */
 #define accept(sock,addr,len)\
 curl_dbg_accept(sock, addr, len, __LINE__, __FILE__)
 #ifdef HAVE_SOCKETPAIR
 #define socketpair(domain,type,protocol,socket_vector)\
- curl_dbg_socketpair(domain, type, protocol, socket_vector, __LINE__, __FILE__)
+ curl_dbg_socketpair((int)domain, type, protocol, socket_vector, \
                     __LINE__, __FILE__)
 #endif
 #ifdef HAVE_GETADDRINFO
--- a/lib/mime.c
+++ b/lib/mime.c
@ -1137,7 +1137,7 @@ static void cleanup_part_content(curl_mimepart *part)
  part->datasize = (curl_off_t) 0;    /* No size yet. */
  cleanup_encoder_state(&part->encstate);
  part->kind = MIMEKIND_NONE;
-  part->flags &= ~MIME_FAST_READ;
+  part->flags &= ~(unsigned int)MIME_FAST_READ;
  part->lastreadstatus = 1; /* Successful read status. */
  part->state.state = MIMESTATE_BEGIN;
 }
@ -1497,7 +1497,7 @@ CURLcode curl_mime_headers(curl_mimepart *part,
  if(part->flags & MIME_USERHEADERS_OWNER) {
    if(part->userheaders != headers)  /* Allow setting twice the same list. */
      curl_slist_free_all(part->userheaders);
-    part->flags &= ~MIME_USERHEADERS_OWNER;
+    part->flags &= ~(unsigned int)MIME_USERHEADERS_OWNER;
  }
  part->userheaders = headers;
  if(headers && take_ownership)
@ -1662,7 +1662,8 @@ static curl_off_t mime_size(curl_mimepart *part)
  if(size >= 0 && !(part->flags & MIME_BODY_ONLY)) {
    /* Compute total part size. */
    size += slist_size(part->curlheaders, 2, NULL, 0);
-    size += slist_size(part->userheaders, 2, STRCONST("Content-Type"));
+    size += slist_size(part->userheaders, 2,
                       STRCONST("Content-Type"));
    size += 2;    /* CRLF after headers. */
  }
  return size;
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@ -154,15 +154,15 @@ static int mqtt_getsock(struct Curl_easy *data,
 static int mqtt_encode_len(char *buf, size_t len)
 {
  unsigned char encoded;
  int i;
  for(i = 0; (len > 0) && (i<4); i++) {
    unsigned char encoded;
    encoded = len % 0x80;
    len /= 0x80;
    if(len)
      encoded |= 0x80;
-    buf[i] = encoded;
+    buf[i] = (char)encoded;
  }
  return i;
--- a/lib/multi.c
+++ b/lib/multi.c
@ -343,7 +343,7 @@ static size_t hash_fd(void *key, size_t key_length, size_t slots_num)
  curl_socket_t fd = *((curl_socket_t *) key);
  (void) key_length;
-  return (fd % slots_num);
+  return (fd % (curl_socket_t)slots_num);
 }
 /*
@ -1492,7 +1492,8 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
 #ifdef USE_WINSOCK
    }
    else { /* now wait... if not ready during the pre-check (pollrc == 0) */
-      WSAWaitForMultipleEvents(1, &multi->wsa_event, FALSE, timeout_ms, FALSE);
+      WSAWaitForMultipleEvents(1, &multi->wsa_event, FALSE, (DWORD)timeout_ms,
                               FALSE);
    }
    /* With WinSock, we have to run the following section unconditionally
       to call WSAEventSelect(fd, event, 0) on all the sockets */
@ -1502,7 +1503,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
         struct, the bit values of the actual underlying poll() implementation
         may not be the same as the ones in the public libcurl API! */
      for(i = 0; i < extra_nfds; i++) {
-        unsigned r = ufds[curl_nfds + i].revents;
+        unsigned r = (unsigned)ufds[curl_nfds + i].revents;
        unsigned short mask = 0;
 #ifdef USE_WINSOCK
        curl_socket_t s = extra_fds[i].fd;
@ -1519,7 +1520,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
        }
        WSAEventSelect(s, multi->wsa_event, 0);
        if(!pollrc) {
-          extra_fds[i].revents = mask;
+          extra_fds[i].revents = (short)mask;
          continue;
        }
 #endif
@ -1529,7 +1530,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
          mask |= CURL_WAIT_POLLOUT;
        if(r & POLLPRI)
          mask |= CURL_WAIT_POLLPRI;
-        extra_fds[i].revents = mask;
+        extra_fds[i].revents = (short)mask;
      }
 #ifdef USE_WINSOCK
@ -2814,7 +2815,7 @@ CURLMcode curl_multi_perform(struct Curl_multi *multi, int *running_handles)
    }
  } while(t);
-  *running_handles = multi->num_alive;
+  *running_handles = (int)multi->num_alive;
  if(CURLM_OK >= returncode)
    returncode = Curl_update_timer(multi);
@ -3034,7 +3035,8 @@ static CURLMcode singlesocket(struct Curl_multi *multi,
      }
    }
-    entry->action = comboaction; /* store the current action state */
+    /* store the current action state */
    entry->action = (unsigned int)comboaction;
  }
  /* Check for last_poll.sockets that no longer appear in cur_poll.sockets.
@ -3319,7 +3321,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
  if(first)
    sigpipe_restore(&pipe_st);
-  *running_handles = multi->num_alive;
+  *running_handles = (int)multi->num_alive;
  return result;
 }
@ -3624,7 +3626,7 @@ void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id id)
  set = Curl_now();
  set.tv_sec += (time_t)(milli/1000); /* might be a 64 to 32 bit conversion */
-  set.tv_usec += (unsigned int)(milli%1000)*1000;
+  set.tv_usec += (int)(milli%1000)*1000;
  if(set.tv_usec >= 1000000) {
    set.tv_sec++;
@ -3738,12 +3740,12 @@ CURLMcode curl_multi_assign(struct Curl_multi *multi, curl_socket_t s,
 size_t Curl_multi_max_host_connections(struct Curl_multi *multi)
 {
-  return multi ? multi->max_host_connections : 0;
+  return multi ? (size_t)multi->max_host_connections : 0;
 }
 size_t Curl_multi_max_total_connections(struct Curl_multi *multi)
 {
-  return multi ? multi->max_total_connections : 0;
+  return multi ? (size_t)multi->max_total_connections : 0;
 }
 /*
--- a/lib/nonblock.c
+++ b/lib/nonblock.c
@ -64,7 +64,7 @@ int curlx_nonblock(curl_socket_t sockfd,    /* operate on this */
  /* Windows */
  unsigned long flags = nonblock ? 1UL : 0UL;
-  return ioctlsocket(sockfd, FIONBIO, &flags);
+  return ioctlsocket(sockfd, (long)FIONBIO, &flags);
 #elif defined(HAVE_IOCTLSOCKET_CAMEL_FIONBIO)
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@ -79,8 +79,8 @@ UNITTEST bool Curl_cidr6_match(const char *ipv6,
                               unsigned int bits)
 {
 #ifdef USE_IPV6
-  int bytes;
+  unsigned int bytes;
-  int rest;
+  unsigned int rest;
  unsigned char address[16];
  unsigned char check[16];
@ -231,7 +231,7 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
          slash = strchr(check, '/');
          /* if the slash is part of this token, use it */
          if(slash) {
-            bits = atoi(slash + 1);
+            bits = (unsigned int)atoi(slash + 1);
            *slash = 0; /* null terminate there */
          }
          if(type == TYPE_IPV6)
--- a/lib/rand.c
+++ b/lib/rand.c
@ -270,7 +270,7 @@ CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
                         size_t num)
 {
  CURLcode result = CURLE_OK;
-  const int alnumspace = sizeof(alnum) - 1;
+  const unsigned int alnumspace = sizeof(alnum) - 1;
  unsigned int r;
  DEBUGASSERT(num > 1);
@ -283,7 +283,7 @@ CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
        return result;
    } while(r >= (UINT_MAX - UINT_MAX % alnumspace));
-    *rnd++ = alnum[r % alnumspace];
+    *rnd++ = (unsigned char)alnum[r % alnumspace];
    num--;
  }
  *rnd = 0;
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@ -316,7 +316,9 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
  p_session_id = data->set.str[STRING_RTSP_SESSION_ID];
  if(!p_session_id &&
-     (rtspreq & ~(RTSPREQ_OPTIONS | RTSPREQ_DESCRIBE | RTSPREQ_SETUP))) {
+     (rtspreq & ~(Curl_RtspReq)(RTSPREQ_OPTIONS |
                                RTSPREQ_DESCRIBE |
                                RTSPREQ_SETUP))) {
    failf(data, "Refusing to issue an RTSP request [%s] without a session ID.",
          p_request);
    result = CURLE_BAD_FUNCTION_ARGUMENT;
--- a/lib/select.c
+++ b/lib/select.c
@ -226,7 +226,7 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
    num++;
  }
-  r = Curl_poll(pfd, num, timeout_ms);
+  r = Curl_poll(pfd, (unsigned int)num, timeout_ms);
  if(r <= 0)
    return r;
--- a/lib/setopt.c
+++ b/lib/setopt.c
@ -176,7 +176,7 @@ static CURLcode setstropt_interface(
 }
 #define C_SSLVERSION_VALUE(x) (x & 0xffff)
-#define C_SSLVERSION_MAX_VALUE(x) (x & 0xffff0000)
+#define C_SSLVERSION_MAX_VALUE(x) ((unsigned long)x & 0xffff0000)
 static CURLcode protocol2num(const char *str, curl_prot_t *val)
 {
@ -501,7 +501,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
      arg = va_arg(param, long);
      version = C_SSLVERSION_VALUE(arg);
-      version_max = C_SSLVERSION_MAX_VALUE(arg);
+      version_max = (long)C_SSLVERSION_MAX_VALUE(arg);
      if(version < CURL_SSLVERSION_DEFAULT ||
         version == CURL_SSLVERSION_SSLv2 ||
@ -968,7 +968,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
    break;
  case CURLOPT_HTTP09_ALLOWED:
-    arg = va_arg(param, unsigned long);
+    arg = (long)va_arg(param, unsigned long);
    if(arg > 1L)
      return CURLE_BAD_FUNCTION_ARGUMENT;
 #ifdef USE_HYPER
@ -2546,7 +2546,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
 #ifdef USE_SSH
    /* we only include SSH options if explicitly built to support SSH */
  case CURLOPT_SSH_AUTH_TYPES:
-    data->set.ssh_auth_types = (unsigned int)va_arg(param, long);
+    data->set.ssh_auth_types = (int)va_arg(param, long);
    break;
  case CURLOPT_SSH_PUBLIC_KEYFILE:
--- a/lib/smb.c
+++ b/lib/smb.c
@ -559,7 +559,7 @@ static void smb_format_message(struct Curl_easy *data, struct smb_header *h,
  h->flags2 = smb_swap16(SMB_FLAGS2_IS_LONG_NAME | SMB_FLAGS2_KNOWS_LONG_NAME);
  h->uid = smb_swap16(smbc->uid);
  h->tid = smb_swap16(req->tid);
-  pid = getpid();
+  pid = (unsigned int)getpid();
  h->pid_high = smb_swap16((unsigned short)(pid >> 16));
  h->pid = smb_swap16((unsigned short) pid);
 }
--- a/lib/smtp.c
+++ b/lib/smtp.c
@ -695,7 +695,7 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data)
  /* Prepare the mime data if some. */
  if(data->set.mimepost.kind != MIMEKIND_NONE) {
    /* Use the whole structure as data. */
-    data->set.mimepost.flags &= ~MIME_BODY_ONLY;
+    data->set.mimepost.flags &= ~(unsigned int)MIME_BODY_ONLY;
    /* Add external headers and mime version. */
    curl_mime_headers(&data->set.mimepost, data->set.headers, 0);
--- a/lib/socks.c
+++ b/lib/socks.c
@ -125,7 +125,7 @@ int Curl_blockread_all(struct Curl_cfilter *cf,
    }
    nread = Curl_conn_cf_recv(cf->next, data, buf, buffersize, &err);
    if(nread <= 0) {
-      result = err;
+      result = (int)err;
      if(CURLE_AGAIN == err)
        continue;
      if(err) {
--- a/lib/socks_gssapi.c
+++ b/lib/socks_gssapi.c
@ -201,7 +201,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
    if(gss_send_token.length) {
      socksreq[0] = 1;    /* GSS-API subnegotiation version */
      socksreq[1] = 1;    /* authentication message type */
-      us_length = htons((short)gss_send_token.length);
+      us_length = htons((unsigned short)gss_send_token.length);
      memcpy(socksreq + 2, &us_length, sizeof(short));
      nwritten = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, &code);
@ -406,7 +406,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
    }
    gss_release_buffer(&gss_status, &gss_send_token);
-    us_length = htons((short)gss_w_token.length);
+    us_length = htons((unsigned short)gss_w_token.length);
    memcpy(socksreq + 2, &us_length, sizeof(short));
  }
--- a/lib/socks_sspi.c
+++ b/lib/socks_sspi.c
@ -204,7 +204,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
    if(sspi_send_token.cbBuffer) {
      socksreq[0] = 1;    /* GSS-API subnegotiation version */
      socksreq[1] = 1;    /* authentication message type */
-      us_length = htons((short)sspi_send_token.cbBuffer);
+      us_length = htons((unsigned short)sspi_send_token.cbBuffer);
      memcpy(socksreq + 2, &us_length, sizeof(short));
      written = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, &code);
@ -389,7 +389,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
   */
  if(data->set.socks5_gssapi_nec) {
-    us_length = htons((short)1);
+    us_length = htons((unsigned short)1);
    memcpy(socksreq + 2, &us_length, sizeof(short));
  }
  else {
@ -472,7 +472,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
    sspi_w_token[2].pvBuffer = NULL;
    sspi_w_token[2].cbBuffer = 0;
-    us_length = htons((short)sspi_send_token.cbBuffer);
+    us_length = htons((unsigned short)sspi_send_token.cbBuffer);
    memcpy(socksreq + 2, &us_length, sizeof(short));
  }
--- a/lib/strerror.c
+++ b/lib/strerror.c
@ -795,7 +795,7 @@ get_winapi_error(int err, char *buf, size_t buflen)
     expect the local codepage (eg fprintf, failf, infof).
     FormatMessageW -> wcstombs is used for Windows CE compatibility. */
  if(FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM |
-                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
+                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, (DWORD)err,
                    LANG_NEUTRAL, wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL)) {
    size_t written = wcstombs(buf, wbuf, buflen - 1);
    if(written != (size_t)-1)
@ -865,7 +865,7 @@ const char *Curl_strerror(int err, char *buf, size_t buflen)
 #ifdef USE_WINSOCK
       !get_winsock_error(err, buf, buflen) &&
 #endif
-       !get_winapi_error((DWORD)err, buf, buflen))
+       !get_winapi_error(err, buf, buflen))
      msnprintf(buf, buflen, "Unknown error %d (%#x)", err, err);
  }
 #else /* not Windows coming up */
@ -944,7 +944,7 @@ const char *Curl_winapi_strerror(DWORD err, char *buf, size_t buflen)
  *buf = '\0';
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-  if(!get_winapi_error(err, buf, buflen)) {
+  if(!get_winapi_error((int)err, buf, buflen)) {
    msnprintf(buf, buflen, "Unknown error %lu (0x%08lX)", err, err);
  }
 #else
--- a/lib/telnet.c
+++ b/lib/telnet.c
@ -1544,7 +1544,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
  while(keepon) {
    DEBUGF(infof(data, "telnet_do, poll %d fds", poll_cnt));
-    switch(Curl_poll(pfd, poll_cnt, interval_ms)) {
+    switch(Curl_poll(pfd, (unsigned int)poll_cnt, interval_ms)) {
    case -1:                    /* error, stop reading */
      keepon = FALSE;
      continue;
--- a/lib/tftp.c
+++ b/lib/tftp.c
@ -528,7 +528,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
    senddata = sendto(state->sockfd, (void *)state->spacket.data,
                      (SEND_TYPE_ARG3)sbytes, 0,
                      &data->conn->remote_addr->sa_addr,
-                      data->conn->remote_addr->addrlen);
+                      (curl_socklen_t)data->conn->remote_addr->addrlen);
    if(senddata != (ssize_t)sbytes) {
      char buffer[STRERROR_LEN];
      failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
@ -738,7 +738,7 @@ static CURLcode tftp_tx(struct tftp_state_data *state, tftp_event_t event)
        else {
          /* Re-send the data packet */
          sbytes = sendto(state->sockfd, (void *)state->spacket.data,
-                          4 + state->sbytes, SEND_4TH_ARG,
+                          4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                          (struct sockaddr *)&state->remote_addr,
                          state->remote_addrlen);
          /* Check all sbytes were sent */
@ -783,7 +783,7 @@ static CURLcode tftp_tx(struct tftp_state_data *state, tftp_event_t event)
    } while(state->sbytes < state->blksize && cb);
    sbytes = sendto(state->sockfd, (void *) state->spacket.data,
-                    4 + state->sbytes, SEND_4TH_ARG,
+                    4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                    (struct sockaddr *)&state->remote_addr,
                    state->remote_addrlen);
    /* Check all sbytes were sent */
@ -809,7 +809,7 @@ static CURLcode tftp_tx(struct tftp_state_data *state, tftp_event_t event)
    else {
      /* Re-send the data packet */
      sbytes = sendto(state->sockfd, (void *)state->spacket.data,
-                      4 + state->sbytes, SEND_4TH_ARG,
+                      4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                      (struct sockaddr *)&state->remote_addr,
                      state->remote_addrlen);
      /* Check all sbytes were sent */
@ -1032,7 +1032,7 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done)
     * IPv4 and IPv6...
     */
    int rc = bind(state->sockfd, (struct sockaddr *)&state->local_addr,
-                  conn->remote_addr->addrlen);
+                  (curl_socklen_t)conn->remote_addr->addrlen);
    if(rc) {
      char buffer[STRERROR_LEN];
      failf(data, "bind() failed; %s",
@ -1110,7 +1110,7 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data)
  fromlen = sizeof(fromaddr);
  state->rbytes = (int)recvfrom(state->sockfd,
                                (void *)state->rpacket.data,
-                                state->blksize + 4,
+                                (RECV_TYPE_ARG3)state->blksize + 4,
                                0,
                                (struct sockaddr *)&fromaddr,
                                &fromlen);
--- a/lib/timeval.c
+++ b/lib/timeval.c
@ -51,8 +51,8 @@ struct curltime Curl_now(void)
 #pragma warning(pop)
 #endif
-    now.tv_sec = milliseconds / 1000;
+    now.tv_sec = (time_t)(milliseconds / 1000);
-    now.tv_usec = (milliseconds % 1000) * 1000;
+    now.tv_usec = (int)((milliseconds % 1000) * 1000);
  }
  return now;
 }
@ -95,7 +95,7 @@ struct curltime Curl_now(void)
 #endif
    (0 == clock_gettime(CLOCK_MONOTONIC_RAW, &tsnow))) {
    cnow.tv_sec = tsnow.tv_sec;
-    cnow.tv_usec = (unsigned int)(tsnow.tv_nsec / 1000);
+    cnow.tv_usec = (int)(tsnow.tv_nsec / 1000);
  }
  else
 #endif
@ -107,7 +107,7 @@ struct curltime Curl_now(void)
 #endif
    (0 == clock_gettime(CLOCK_MONOTONIC, &tsnow))) {
    cnow.tv_sec = tsnow.tv_sec;
-    cnow.tv_usec = (unsigned int)(tsnow.tv_nsec / 1000);
+    cnow.tv_usec = (int)(tsnow.tv_nsec / 1000);
  }
  /*
  ** Even when the configure process has truly detected monotonic clock
@ -118,7 +118,7 @@ struct curltime Curl_now(void)
  else {
    (void)gettimeofday(&now, NULL);
    cnow.tv_sec = now.tv_sec;
-    cnow.tv_usec = (unsigned int)now.tv_usec;
+    cnow.tv_usec = (int)now.tv_usec;
  }
 #else
  else {
--- a/lib/transfer.c
+++ b/lib/transfer.c
@ -791,11 +791,11 @@ CURLcode Curl_follow(struct Curl_easy *data,
  }
  DEBUGASSERT(data->state.uh);
-  uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl,
+  uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl, (unsigned int)
-                    (type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME :
+                    ((type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME :
                     ((type == FOLLOW_REDIR) ? CURLU_URLENCODE : 0) |
                     CURLU_ALLOW_SPACE |
-                    (data->set.path_as_is ? CURLU_PATH_AS_IS : 0));
+                     (data->set.path_as_is ? CURLU_PATH_AS_IS : 0)));
  if(uc) {
    if(type != FOLLOW_FAKE) {
      failf(data, "The redirect target URL could not be parsed: %s",
--- a/lib/url.c
+++ b/lib/url.c
@ -1643,7 +1643,7 @@ const struct Curl_handler *Curl_getn_scheme_handler(const char *scheme,
    unsigned int c = 978;
    while(l) {
      c <<= 5;
-      c += Curl_raw_tolower(*s);
+      c += (unsigned int)Curl_raw_tolower(*s);
      s++;
      l--;
    }
@ -1796,12 +1796,12 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
  if(!use_set_uh) {
    char *newurl;
-    uc = curl_url_set(uh, CURLUPART_URL, data->state.url,
+    uc = curl_url_set(uh, CURLUPART_URL, data->state.url, (unsigned int)
-                      CURLU_GUESS_SCHEME |
+                      (CURLU_GUESS_SCHEME |
                       CURLU_NON_SUPPORT_SCHEME |
                       (data->set.disallow_username_in_url ?
                        CURLU_DISALLOW_USER : 0) |
-                      (data->set.path_as_is ? CURLU_PATH_AS_IS : 0));
+                       (data->set.path_as_is ? CURLU_PATH_AS_IS : 0)));
    if(uc) {
      failf(data, "URL rejected: %s", curl_url_strerror(uc));
      return Curl_uc_to_curlcode(uc);
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@ -206,7 +206,7 @@ static CURLUcode urlencode_str(struct dynbuf *o, const char *url,
 size_t Curl_is_absolute_url(const char *url, char *buf, size_t buflen,
                            bool guess_scheme)
 {
-  int i = 0;
+  size_t i = 0;
  DEBUGASSERT(!buf || (buflen > MAX_SCHEME_LEN));
  (void)buflen; /* only used in debug-builds */
  if(buf)
--- a/lib/version.c
+++ b/lib/version.c
@ -258,10 +258,11 @@ char *curl_version(void)
    api.ldapai_info_version = LDAP_API_INFO_VERSION;
    if(ldap_get_option(NULL, LDAP_OPT_API_INFO, &api) == LDAP_OPT_SUCCESS) {
-      unsigned int patch = api.ldapai_vendor_version % 100;
+      unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100);
-      unsigned int major = api.ldapai_vendor_version / 10000;
+      unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000);
      unsigned int minor =
-        ((api.ldapai_vendor_version - major * 10000) - patch) / 100;
+        (((unsigned int)api.ldapai_vendor_version - major * 10000)
          - patch) / 100;
      msnprintf(ldap_buf, sizeof(ldap_buf), "%s/%u.%u.%u",
                api.ldapai_vendor_name, major, minor, patch);
      src[i++] = ldap_buf;
@ -640,7 +641,7 @@ curl_version_info_data *curl_version_info(CURLversion stamp)
 #ifdef USE_NGHTTP2
  {
    nghttp2_info *h2 = nghttp2_version(0);
-    version_info.nghttp2_ver_num = h2->version_num;
+    version_info.nghttp2_ver_num = (unsigned int)h2->version_num;
    version_info.nghttp2_version = h2->version_str;
  }
 #endif
--- a/lib/ws.c
+++ b/lib/ws.c
@ -102,7 +102,7 @@ static unsigned char ws_frame_flags2op(int flags)
  size_t i;
  for(i = 0; i < sizeof(WS_FRAMES)/sizeof(WS_FRAMES[0]); ++i) {
    if(WS_FRAMES[i].flags & flags)
-      return WS_FRAMES[i].proto_opcode;
+      return (unsigned char)WS_FRAMES[i].proto_opcode;
  }
  return 0;
 }
@ -560,7 +560,7 @@ static ssize_t ws_enc_write_head(struct Curl_easy *data,
    return -1;
  }
-  opcode = ws_frame_flags2op(flags);
+  opcode = ws_frame_flags2op((int)flags);
  if(!opcode) {
    failf(data, "WS: provided flags not recognized '%x'", flags);
    *err = CURLE_SEND_ERROR;