lib: tidy up types and casts

Cherry-picked from #13489
Closes #13862

lib/altsvc.c

@@ -270,7 +270,7 @@ static CURLcode altsvc_out(struct altsvc *as, FILE *fp)
           "%s %s%s%s %u "
           "\"%d%02d%02d "
           "%02d:%02d:%02d\" "
-          "%u %d\n",
+          "%u %u\n",
           Curl_alpnid2str(as->src.alpnid),
           src6_pre, as->src.host, src6_post,
           as->src.port,
@@ -462,7 +462,7 @@ static time_t altsvc_debugtime(void *unused)
   char *timestr = getenv("CURL_TIME");
   (void)unused;
   if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    long val = strtol(timestr, NULL, 10);
     return (time_t)val;
   }
   return time(NULL);
@@ -624,7 +624,7 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data,
           num = strtoul(value_ptr, &end_ptr, 10);
           if((end_ptr != value_ptr) && (num < ULONG_MAX)) {
             if(strcasecompare("ma", option))
-              maxage = num;
+              maxage = (time_t)num;
             else if(strcasecompare("persist", option) && (num == 1))
               persist = TRUE;
           }
@@ -696,7 +696,7 @@ bool Curl_altsvc_lookup(struct altsvcinfo *asi,
     if((as->src.alpnid == srcalpnid) &&
        hostcompare(srchost, as->src.host) &&
        (as->src.port == srcport) &&
-       (versions & as->dst.alpnid)) {
+       (versions & (int)as->dst.alpnid)) {
       /* match */
       *dstentry = as;
       return TRUE;

lib/altsvc.h

@@ -47,7 +47,7 @@ struct altsvc {
   struct althost dst;
   time_t expires;
   bool persist;
-  int prio;
+  unsigned int prio;
   struct Curl_llist_element node;
 };
 

lib/asyn-ares.c

@@ -350,7 +350,7 @@ static int waitperform(struct Curl_easy *data, timediff_t timeout_ms)
   }
 
   if(num) {
-    nfds = Curl_poll(pfd, num, timeout_ms);
+    nfds = Curl_poll(pfd, (unsigned int)num, timeout_ms);
     if(nfds < 0)
       return -1;
   }

lib/asyn-thread.c

@@ -697,7 +697,7 @@ static bool init_resolve_thread(struct Curl_easy *data,
                                   NULL, &td->tsd.w8.overlapped,
                                   &query_complete, &td->tsd.w8.cancel_ev);
         if(err != WSA_IO_PENDING)
-          query_complete(err, 0, &td->tsd.w8.overlapped);
+          query_complete((DWORD)err, 0, &td->tsd.w8.overlapped);
         return TRUE;
       }
     }

lib/cf-h2-proxy.c

@@ -1418,7 +1418,7 @@ static ssize_t cf_h2_proxy_send(struct Curl_cfilter *cf,
     /* Unable to send all data, due to connection blocked or H2 window
      * exhaustion. Data is left in our stream buffer, or nghttp2's internal
      * frame buffer or our network out buffer. */
-    size_t rwin = nghttp2_session_get_stream_remote_window_size(
+    size_t rwin = (size_t)nghttp2_session_get_stream_remote_window_size(
                     ctx->h2, ctx->tunnel.stream_id);
     if(rwin == 0) {
       /* H2 flow window exhaustion.

lib/cf-socket.c

@@ -183,10 +183,10 @@ tcpkeepalive(struct Curl_easy *data,
     vals.onoff = 1;
     optval = curlx_sltosi(data->set.tcp_keepidle);
     KEEPALIVE_FACTOR(optval);
-    vals.keepalivetime = optval;
+    vals.keepalivetime = (u_long)optval;
     optval = curlx_sltosi(data->set.tcp_keepintvl);
     KEEPALIVE_FACTOR(optval);
-    vals.keepaliveinterval = optval;
+    vals.keepaliveinterval = (u_long)optval;
     if(WSAIoctl(sockfd, SIO_KEEPALIVE_VALS, (LPVOID) &vals, sizeof(vals),
                 NULL, 0, &dummy, NULL, NULL) != 0) {
       infof(data, "Failed to set SIO_KEEPALIVE_VALS on fd "
@@ -288,7 +288,7 @@ void Curl_sock_assign_addr(struct Curl_sockaddr_ex *dest,
     dest->protocol = IPPROTO_UDP;
     break;
   }
-  dest->addrlen = ai->ai_addrlen;
+  dest->addrlen = (unsigned int)ai->ai_addrlen;
 
   if(dest->addrlen > sizeof(struct Curl_sockaddr_storage))
     dest->addrlen = sizeof(struct Curl_sockaddr_storage);
@@ -1063,7 +1063,7 @@ static CURLcode set_remote_ip(struct Curl_cfilter *cf,
   struct cf_socket_ctx *ctx = cf->ctx;
 
   /* store remote address and port used in this connection attempt */
-  if(!Curl_addr2string(&ctx->addr.sa_addr, ctx->addr.addrlen,
+  if(!Curl_addr2string(&ctx->addr.sa_addr, (curl_socklen_t)ctx->addr.addrlen,
                        ctx->ip.remote_ip, &ctx->ip.remote_port)) {
     char buffer[STRERROR_LEN];
 
@@ -1247,7 +1247,8 @@ static int do_connect(struct Curl_cfilter *cf, struct Curl_easy *data,
 #endif
   }
   else {
-    rc = connect(ctx->sock, &ctx->addr.sa_addr, ctx->addr.addrlen);
+    rc = connect(ctx->sock, &ctx->addr.sa_addr,
+                 (curl_socklen_t)ctx->addr.addrlen);
   }
   return rc;
 }
@@ -1785,7 +1786,8 @@ static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf,
   /* On macOS OpenSSL QUIC fails on connected sockets.
    * see: <https://github.com/openssl/openssl/issues/23251> */
 #else
-  rc = connect(ctx->sock, &ctx->addr.sa_addr, ctx->addr.addrlen);
+  rc = connect(ctx->sock, &ctx->addr.sa_addr,
+               (curl_socklen_t)ctx->addr.addrlen);
   if(-1 == rc) {
     return socket_connect_result(data, ctx->ip.remote_ip, SOCKERRNO);
   }

lib/content_encoding.c

@@ -536,13 +536,13 @@ static CURLcode gzip_do_write(struct Curl_easy *data,
     /* Append the new block of data to the previous one */
     memcpy(z->next_in + z->avail_in - nbytes, buf, nbytes);
 
-    switch(check_gzip_header(z->next_in, z->avail_in, &hlen)) {
+    switch(check_gzip_header(z->next_in, (ssize_t)z->avail_in, &hlen)) {
     case GZIP_OK:
       /* This is the zlib stream data */
       free(z->next_in);
       /* Don't point into the malloced block since we just freed it */
       z->next_in = (Bytef *) buf + hlen + nbytes - z->avail_in;
-      z->avail_in = (uInt) (z->avail_in - hlen);
+      z->avail_in = z->avail_in - (uInt)hlen;
       zp->zlib_init = ZLIB_GZIP_INFLATING;   /* Inflating stream state */
       break;
 

lib/cookie.c

@@ -262,8 +262,9 @@ static size_t cookie_hash_domain(const char *domain, const size_t len)
   size_t h = 5381;
 
   while(domain < end) {
+    size_t j = (size_t)Curl_raw_toupper(*domain++);
     h += h << 5;
-    h ^= Curl_raw_toupper(*domain++);
+    h ^= j;
   }
 
   return (h % COOKIE_HASH_SIZE);

lib/curl_addrinfo.c

@@ -317,7 +317,11 @@ Curl_he2ai(const struct hostent *he, int port)
       addr = (void *)ai->ai_addr; /* storage area for this info */
 
       memcpy(&addr->sin_addr, curr, sizeof(struct in_addr));
+#ifdef __MINGW32__
+      addr->sin_family = (short)(he->h_addrtype);
+#else
       addr->sin_family = (CURL_SA_FAMILY_T)(he->h_addrtype);
+#endif
       addr->sin_port = htons((unsigned short)port);
       break;
 
@@ -326,7 +330,11 @@ Curl_he2ai(const struct hostent *he, int port)
       addr6 = (void *)ai->ai_addr; /* storage area for this info */
 
       memcpy(&addr6->sin6_addr, curr, sizeof(struct in6_addr));
+#ifdef __MINGW32__
+      addr6->sin6_family = (short)(he->h_addrtype);
+#else
       addr6->sin6_family = (CURL_SA_FAMILY_T)(he->h_addrtype);
+#endif
       addr6->sin6_port = htons((unsigned short)port);
       break;
 #endif

lib/curl_fnmatch.c

@@ -80,7 +80,7 @@ static int parsekeyword(unsigned char **pattern, unsigned char *charset)
   unsigned char *p = *pattern;
   bool found = FALSE;
   for(i = 0; !found; i++) {
-    char c = *p++;
+    char c = (char)*p++;
     if(i >= KEYLEN)
       return SETCHARSET_FAIL;
     switch(state) {

lib/curl_ntlm_core.c

@@ -137,14 +137,14 @@
 */
 static void extend_key_56_to_64(const unsigned char *key_56, char *key)
 {
-  key[0] = key_56[0];
+  key[0] = (char)key_56[0];
-  key[1] = (unsigned char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1));
+  key[1] = (char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1));
-  key[2] = (unsigned char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2));
+  key[2] = (char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2));
-  key[3] = (unsigned char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3));
+  key[3] = (char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3));
-  key[4] = (unsigned char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4));
+  key[4] = (char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4));
-  key[5] = (unsigned char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5));
+  key[5] = (char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5));
-  key[6] = (unsigned char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6));
+  key[6] = (char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6));
-  key[7] = (unsigned char) ((key_56[6] << 1) & 0xFF);
+  key[7] = (char) ((key_56[6] << 1) & 0xFF);
 }
 #endif
 
@@ -466,13 +466,13 @@ static void time2filetime(struct ms_filetime *ft, time_t t)
   unsigned int r, s;
   unsigned int i;
 
-  ft->dwLowDateTime = t & 0xFFFFFFFF;
+  ft->dwLowDateTime = (unsigned int)t & 0xFFFFFFFF;
   ft->dwHighDateTime = 0;
 
 # ifndef HAVE_TIME_T_UNSIGNED
   /* Extend sign if needed. */
   if(ft->dwLowDateTime & 0x80000000)
-    ft->dwHighDateTime = ~0;
+    ft->dwHighDateTime = ~(unsigned int)0;
 # endif
 
   /* Bias seconds to Jan 1, 1601.

lib/doh.c

@@ -518,12 +518,12 @@ static DOHcode skipqname(const unsigned char *doh, size_t dohlen,
   return DOH_OK;
 }
 
-static unsigned short get16bit(const unsigned char *doh, int index)
+static unsigned short get16bit(const unsigned char *doh, unsigned int index)
 {
   return (unsigned short)((doh[index] << 8) | doh[index + 1]);
 }
 
-static unsigned int get32bit(const unsigned char *doh, int index)
+static unsigned int get32bit(const unsigned char *doh, unsigned int index)
 {
   /* make clang and gcc optimize this to bswap by incrementing
      the pointer first. */
@@ -606,7 +606,7 @@ static DOHcode store_cname(const unsigned char *doh,
 
       /* move to the new index */
       newpos = (length & 0x3f) << 8 | doh[index + 1];
-      index = newpos;
+      index = (unsigned int)newpos;
       continue;
     }
     else if(length & 0xc0)
@@ -670,7 +670,7 @@ static DOHcode rdata(const unsigned char *doh,
     break;
 #endif
   case DNS_TYPE_CNAME:
-    rc = store_cname(doh, dohlen, index, d);
+    rc = store_cname(doh, dohlen, (unsigned int)index, d);
     if(rc)
       return rc;
     break;
@@ -771,7 +771,7 @@ UNITTEST DOHcode doh_decode(const unsigned char *doh,
     if(dohlen < (index + rdlength))
       return DOH_DNS_OUT_OF_RANGE;
 
-    rc = rdata(doh, dohlen, rdlength, type, index, d);
+    rc = rdata(doh, dohlen, rdlength, type, (int)index, d);
     if(rc)
       return rc; /* bad rdata */
     index += rdlength;
@@ -967,7 +967,11 @@ static CURLcode doh2ai(const struct dohentry *de, const char *hostname,
       addr = (void *)ai->ai_addr; /* storage area for this info */
       DEBUGASSERT(sizeof(struct in_addr) == sizeof(de->addr[i].ip.v4));
       memcpy(&addr->sin_addr, &de->addr[i].ip.v4, sizeof(struct in_addr));
+#ifdef __MINGW32__
+      addr->sin_family = (short)addrtype;
+#else
       addr->sin_family = addrtype;
+#endif
       addr->sin_port = htons((unsigned short)port);
       break;
 
@@ -976,7 +980,11 @@ static CURLcode doh2ai(const struct dohentry *de, const char *hostname,
       addr6 = (void *)ai->ai_addr; /* storage area for this info */
       DEBUGASSERT(sizeof(struct in6_addr) == sizeof(de->addr[i].ip.v6));
       memcpy(&addr6->sin6_addr, &de->addr[i].ip.v6, sizeof(struct in6_addr));
+#ifdef __MINGW32__
+      addr6->sin6_family = (short)addrtype;
+#else
       addr6->sin6_family = addrtype;
+#endif
       addr6->sin6_port = htons((unsigned short)port);
       break;
 #endif

lib/easy.c

@@ -579,7 +579,7 @@ static CURLcode wait_or_timeout(struct Curl_multi *multi, struct events *ev)
     before = Curl_now();
 
     /* wait for activity or timeout */
-    pollrc = Curl_poll(fds, numfds, ev->ms);
+    pollrc = Curl_poll(fds, (unsigned int)numfds, ev->ms);
     if(pollrc < 0)
       return CURLE_UNRECOVERABLE_POLL;
 

lib/escape.c

@@ -70,7 +70,8 @@ char *curl_easy_escape(struct Curl_easy *data, const char *string,
     return strdup("");
 
   while(length--) {
-    unsigned char in = *string++; /* treat the characters unsigned */
+    /* treat the characters unsigned */
+    unsigned char in = (unsigned char)*string++;
 
     if(ISUNRESERVED(in)) {
       /* append this */
@@ -137,7 +138,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
   *ostring = ns;
 
   while(alloc) {
-    unsigned char in = *string;
+    unsigned char in = (unsigned char)*string;
     if(('%' == in) && (alloc > 2) &&
        ISXDIGIT(string[1]) && ISXDIGIT(string[2])) {
       /* this is two hexadecimal digits following a '%' */
@@ -157,7 +158,7 @@ CURLcode Curl_urldecode(const char *string, size_t length,
       return CURLE_URL_MALFORMAT;
     }
 
-    *ns++ = in;
+    *ns++ = (char)in;
   }
   *ns = 0; /* terminate it */
 
@@ -222,8 +223,8 @@ void Curl_hexencode(const unsigned char *src, size_t len, /* input length */
     while(len-- && (olen >= 3)) {
       /* clang-tidy warns on this line without this comment: */
       /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
-      *out++ = hex[(*src & 0xF0)>>4];
+      *out++ = (unsigned char)hex[(*src & 0xF0)>>4];
-      *out++ = hex[*src & 0x0F];
+      *out++ = (unsigned char)hex[*src & 0x0F];
       ++src;
       olen -= 2;
     }

lib/getinfo.c

@@ -204,7 +204,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
 #ifdef DEBUGBUILD
   char *timestr = getenv("CURL_TIME");
   if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
     switch(info) {
     case CURLINFO_LOCAL_PORT:
       *param_longp = (long)val;
@@ -216,7 +216,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
   /* use another variable for this to allow different values */
   timestr = getenv("CURL_DEBUG_SIZE");
   if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
     switch(info) {
     case CURLINFO_HEADER_SIZE:
     case CURLINFO_REQUEST_SIZE:
@@ -335,7 +335,7 @@ static CURLcode getinfo_long(struct Curl_easy *data, CURLINFO info,
     }
     break;
   case CURLINFO_PROTOCOL:
-    *param_longp = data->info.conn_protocol;
+    *param_longp = (long)data->info.conn_protocol;
     break;
   case CURLINFO_USED_PROXY:
     *param_longp =
@@ -361,7 +361,7 @@ static CURLcode getinfo_offt(struct Curl_easy *data, CURLINFO info,
 #ifdef DEBUGBUILD
   char *timestr = getenv("CURL_TIME");
   if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
     switch(info) {
     case CURLINFO_TOTAL_TIME_T:
     case CURLINFO_NAMELOOKUP_TIME_T:
@@ -450,7 +450,7 @@ static CURLcode getinfo_double(struct Curl_easy *data, CURLINFO info,
 #ifdef DEBUGBUILD
   char *timestr = getenv("CURL_TIME");
   if(timestr) {
-    unsigned long val = strtol(timestr, NULL, 10);
+    unsigned long val = strtoul(timestr, NULL, 10);
     switch(info) {
     case CURLINFO_TOTAL_TIME:
     case CURLINFO_NAMELOOKUP_TIME:

lib/hash.c

@@ -270,8 +270,9 @@ size_t Curl_hash_str(void *key, size_t key_length, size_t slots_num)
   size_t h = 5381;
 
   while(key_str < end) {
+    size_t j = (size_t)*key_str++;
     h += h << 5;
-    h ^= *key_str++;
+    h ^= j;
   }
 
   return (h % slots_num);

lib/headers.c

@@ -54,7 +54,7 @@ static void copy_header_external(struct Curl_header_store *hs,
      impossible for applications to do == comparisons, as that would otherwise
      be very tempting and then lead to the reserved bits not being reserved
      anymore. */
-  h->origin = hs->type | (1<<27);
+  h->origin = (unsigned int)(hs->type | (1<<27));
   h->anchor = e;
 }
 

lib/hostip.c

@@ -428,8 +428,8 @@ UNITTEST CURLcode Curl_shuffle_addr(struct Curl_easy *data,
         if(Curl_rand(data, (unsigned char *)rnd, rnd_size) == CURLE_OK) {
           struct Curl_addrinfo *swap_tmp;
           for(i = num_addrs - 1; i > 0; i--) {
-            swap_tmp = nodes[rnd[i] % (i + 1)];
+            swap_tmp = nodes[rnd[i] % (unsigned int)(i + 1)];
-            nodes[rnd[i] % (i + 1)] = nodes[i];
+            nodes[rnd[i] % (unsigned int)(i + 1)] = nodes[i];
             nodes[i] = swap_tmp;
           }
 

lib/http1.c

@@ -217,7 +217,7 @@ static CURLcode start_req(struct h1_req_parser *parser,
     tmp[target_len] = '\0';
     /* See if treating TARGET as an absolute URL makes sense */
     if(Curl_is_absolute_url(tmp, NULL, 0, FALSE)) {
-      int url_options;
+      unsigned int url_options;
 
       url = curl_url();
       if(!url) {

lib/http2.c

@@ -93,7 +93,7 @@
 #define H2_SETTINGS_IV_LEN  3
 #define H2_BINSETTINGS_LEN 80
 
-static int populate_settings(nghttp2_settings_entry *iv,
+static size_t populate_settings(nghttp2_settings_entry *iv,
                                 struct Curl_easy *data)
 {
   iv[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
@@ -112,7 +112,7 @@ static ssize_t populate_binsettings(uint8_t *binsettings,
                                     struct Curl_easy *data)
 {
   nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
-  int ivlen;
+  size_t ivlen;
 
   ivlen = populate_settings(iv, data);
   /* this returns number of bytes it wrote or a negative number on error. */
@@ -133,7 +133,7 @@ struct cf_h2_ctx {
   struct Curl_hash streams; /* hash of `data->id` to `h2_stream_ctx` */
   size_t drain_total; /* sum of all stream's UrlState drain */
   uint32_t max_concurrent_streams;
-  int32_t goaway_error;
+  uint32_t goaway_error;
   int32_t last_stream_id;
   BIT(conn_closed);
   BIT(goaway);
@@ -486,7 +486,7 @@ static CURLcode cf_h2_ctx_init(struct Curl_cfilter *cf,
     DEBUGASSERT(stream);
     stream->id = 1;
     /* queue SETTINGS frame (again) */
-    rc = nghttp2_session_upgrade2(ctx->h2, binsettings, binlen,
+    rc = nghttp2_session_upgrade2(ctx->h2, binsettings, (size_t)binlen,
                                   data->state.httpreq == HTTPREQ_HEAD,
                                   NULL);
     if(rc) {
@@ -507,7 +507,7 @@ static CURLcode cf_h2_ctx_init(struct Curl_cfilter *cf,
   }
   else {
     nghttp2_settings_entry iv[H2_SETTINGS_IV_LEN];
-    int ivlen;
+    size_t ivlen;
 
     ivlen = populate_settings(iv, data);
     rc = nghttp2_submit_settings(ctx->h2, NGHTTP2_FLAG_NONE,
@@ -1007,7 +1007,7 @@ static void h2_xfer_write_resp(struct Curl_cfilter *cf,
                 "RST-ing stream",
                 stream->id, stream->xfer_result, blen);
     nghttp2_submit_rst_stream(ctx->h2, 0, stream->id,
-                              NGHTTP2_ERR_CALLBACK_FAILURE);
+                              (uint32_t)NGHTTP2_ERR_CALLBACK_FAILURE);
   }
 }
 
@@ -1256,7 +1256,7 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
       ctx->goaway_error = frame->goaway.error_code;
       ctx->last_stream_id = frame->goaway.last_stream_id;
       if(data) {
-        infof(data, "received GOAWAY, error=%d, last_stream=%u",
+        infof(data, "received GOAWAY, error=%u, last_stream=%u",
                     ctx->goaway_error, ctx->last_stream_id);
         Curl_multi_connchanged(data->multi);
       }
@@ -1654,7 +1654,7 @@ CURLcode Curl_http2_request_upgrade(struct dynbuf *req,
     return CURLE_FAILED_INIT;
   }
 
-  result = Curl_base64url_encode((const char *)binsettings, binlen,
+  result = Curl_base64url_encode((const char *)binsettings, (size_t)binlen,
                                  &base64, &blen);
   if(result) {
     Curl_dyn_free(req);
@@ -2292,8 +2292,8 @@ static ssize_t cf_h2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
     /* Unable to send all data, due to connection blocked or H2 window
      * exhaustion. Data is left in our stream buffer, or nghttp2's internal
      * frame buffer or our network out buffer. */
-    size_t rwin = nghttp2_session_get_stream_remote_window_size(ctx->h2,
+    size_t rwin = (size_t)nghttp2_session_get_stream_remote_window_size(
-                                                                stream->id);
+                    ctx->h2, stream->id);
     /* At the start of a stream, we are called with request headers
      * and, possibly, parts of the body. Later, only body data.
      * If we cannot send pure body data, we EAGAIN. If there had been
@@ -2474,10 +2474,10 @@ static CURLcode http2_data_pause(struct Curl_cfilter *cf,
   if(ctx && ctx->h2 && stream) {
     uint32_t window = pause? 0 : stream->local_window_size;
 
-    int rv = nghttp2_session_set_local_window_size(ctx->h2,
+    int rv = (int)nghttp2_session_set_local_window_size(ctx->h2,
                                                         NGHTTP2_FLAG_NONE,
                                                         stream->id,
-                                                   window);
+                                                        (int32_t)window);
     if(rv) {
       failf(data, "nghttp2_session_set_local_window_size() failed: %s(%d)",
             nghttp2_strerror(rv), rv);
@@ -2505,7 +2505,7 @@ static CURLcode http2_data_pause(struct Curl_cfilter *cf,
 #ifdef DEBUGBUILD
     {
       /* read out the stream local window again */
-      uint32_t window2 =
+      uint32_t window2 = (uint32_t)
         nghttp2_session_get_stream_local_window_size(ctx->h2,
                                                      stream->id);
       DEBUGF(infof(data, "HTTP/2 window size is now %u for stream %u",

lib/imap.c

@@ -776,7 +776,7 @@ static CURLcode imap_perform_append(struct Curl_easy *data)
   /* Prepare the mime data if some. */
   if(data->set.mimepost.kind != MIMEKIND_NONE) {
     /* Use the whole structure as data. */
-    data->set.mimepost.flags &= ~MIME_BODY_ONLY;
+    data->set.mimepost.flags &= ~(unsigned int)MIME_BODY_ONLY;
 
     /* Add external headers and mime version. */
     curl_mime_headers(&data->set.mimepost, data->set.headers, 0);

lib/inet_ntop.c

@@ -58,7 +58,7 @@
  *  - uses no statics
  *  - takes a unsigned char* not an in_addr as input
  */
-static char *inet_ntop4 (const unsigned char *src, char *dst, size_t size)
+static char *inet_ntop4(const unsigned char *src, char *dst, size_t size)
 {
   char tmp[sizeof("255.255.255.255")];
   size_t len;
@@ -84,7 +84,7 @@ static char *inet_ntop4 (const unsigned char *src, char *dst, size_t size)
 /*
  * Convert IPv6 binary address into presentation (printable) format.
  */
-static char *inet_ntop6 (const unsigned char *src, char *dst, size_t size)
+static char *inet_ntop6(const unsigned char *src, char *dst, size_t size)
 {
   /*
    * Note that int32_t and int16_t need only be "at least" large enough

lib/inet_ntop.h

@@ -32,8 +32,13 @@ char *Curl_inet_ntop(int af, const void *addr, char *buf, size_t size);
 #ifdef HAVE_ARPA_INET_H
 #include <arpa/inet.h>
 #endif
+#ifdef _WIN32
 #define Curl_inet_ntop(af,addr,buf,size) \
-        inet_ntop(af, addr, buf, (curl_socklen_t)size)
+        inet_ntop(af, addr, buf, size)
+#else
+#define Curl_inet_ntop(af,addr,buf,size) \
+        inet_ntop(af, addr, buf, (curl_socklen_t)(size))
+#endif
 #endif
 
 #endif /* HEADER_CURL_INET_NTOP_H */

lib/krb5.c

@@ -169,7 +169,7 @@ krb5_encode(void *app_data, const void *from, int length, int level, void **to)
    * libraries modify the input buffer in gss_wrap()
    */
   dec.value = (void *)from;
-  dec.length = length;
+  dec.length = (size_t)length;
   maj = gss_wrap(&min, *context,
                  level == PROT_PRIVATE,
                  GSS_C_QOP_DEFAULT,
@@ -524,7 +524,7 @@ static CURLcode read_data(struct Curl_easy *data, int sockindex,
     return result;
 
   if(len) {
-    len = ntohl(len);
+    len = (int)ntohl((uint32_t)len);
     if(len > CURL_MAX_INPUT_LENGTH)
       return CURLE_TOO_LARGE;
 
@@ -536,7 +536,7 @@ static CURLcode read_data(struct Curl_easy *data, int sockindex,
   do {
     char buffer[1024];
     nread = CURLMIN(len, (int)sizeof(buffer));
-    result = socket_read(data, sockindex, buffer, nread);
+    result = socket_read(data, sockindex, buffer, (size_t)nread);
     if(result)
       return result;
     result = Curl_dyn_addn(&buf->buf, buffer, nread);
@@ -630,7 +630,7 @@ static void do_sec_send(struct Curl_easy *data, struct connectdata *conn,
     else
       prot_level = conn->command_prot;
   }
-  bytes = conn->mech->encode(conn->app_data, from, length, prot_level,
+  bytes = conn->mech->encode(conn->app_data, from, length, (int)prot_level,
                              (void **)&buffer);
   if(!buffer || bytes <= 0)
     return; /* error */
@@ -658,7 +658,7 @@ static void do_sec_send(struct Curl_easy *data, struct connectdata *conn,
     }
   }
   else {
-    htonl_bytes = htonl(bytes);
+    htonl_bytes = (int)htonl((OM_uint32)bytes);
     socket_write(data, fd, &htonl_bytes, sizeof(htonl_bytes));
     socket_write(data, fd, buffer, curlx_sitouz(bytes));
   }
@@ -724,7 +724,7 @@ int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn,
   decoded_len = curlx_uztosi(decoded_sz);
 
   decoded_len = conn->mech->decode(conn->app_data, buf, decoded_len,
-                                   level, conn);
+                                   (int)level, conn);
   if(decoded_len <= 0) {
     free(buf);
     return -1;
@@ -789,7 +789,7 @@ static int sec_set_protection_level(struct Curl_easy *data)
     if(pbsz) {
       /* stick to default value if the check fails */
       if(ISDIGIT(pbsz[5]))
-        buffer_size = atoi(&pbsz[5]);
+        buffer_size = (unsigned int)atoi(&pbsz[5]);
       if(buffer_size < conn->buffer_size)
         conn->buffer_size = buffer_size;
     }

lib/ldap.c

@@ -252,16 +252,17 @@ static int ldap_win_bind_auth(LDAP *server, const char *user,
   }
 
   if(method && user && passwd) {
-    rc = Curl_create_sspi_identity(user, passwd, &cred);
+    CURLcode res = Curl_create_sspi_identity(user, passwd, &cred);
+    rc = (int)res;
     if(!rc) {
-      rc = ldap_bind_s(server, NULL, (TCHAR *)&cred, method);
+      rc = (int)ldap_bind_s(server, NULL, (TCHAR *)&cred, method);
       Curl_sspi_free_identity(&cred);
     }
   }
   else {
     /* proceed with current user credentials */
     method = LDAP_AUTH_NEGOTIATE;
-    rc = ldap_bind_s(server, NULL, NULL, method);
+    rc = (int)ldap_bind_s(server, NULL, NULL, method);
   }
   return rc;
 }
@@ -279,14 +280,14 @@ static int ldap_win_bind(struct Curl_easy *data, LDAP *server,
     inuser = curlx_convert_UTF8_to_tchar((char *) user);
     inpass = curlx_convert_UTF8_to_tchar((char *) passwd);
 
-    rc = ldap_simple_bind_s(server, inuser, inpass);
+    rc = (int)ldap_simple_bind_s(server, inuser, inpass);
 
     curlx_unicodefree(inuser);
     curlx_unicodefree(inpass);
   }
 #if defined(USE_WINDOWS_SSPI)
   else {
-    rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth);
+    rc = (int)ldap_win_bind_auth(server, user, passwd, data->set.httpauth);
   }
 #endif
 
@@ -296,8 +297,10 @@ static int ldap_win_bind(struct Curl_easy *data, LDAP *server,
 
 #if defined(USE_WIN32_LDAP)
 #define FREE_ON_WINLDAP(x) curlx_unicodefree(x)
+#define curl_ldap_num_t ULONG
 #else
 #define FREE_ON_WINLDAP(x)
+#define curl_ldap_num_t int
 #endif
 
 
@@ -337,7 +340,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
   rc = _ldap_url_parse(data, conn, &ludp);
 #endif
   if(rc) {
-    failf(data, "Bad LDAP URL: %s", ldap_err2string(rc));
+    failf(data, "Bad LDAP URL: %s", ldap_err2string((curl_ldap_num_t)rc));
     result = CURLE_URL_MALFORMAT;
     goto quit;
   }
@@ -373,7 +376,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
 #ifdef HAVE_LDAP_SSL
 #ifdef USE_WIN32_LDAP
     /* Win32 LDAP SDK doesn't support insecure mode without CA! */
-    server = ldap_sslinit(host, conn->primary.remote_port, 1);
+    server = ldap_sslinit(host, (curl_ldap_num_t)conn->primary.remote_port, 1);
     ldap_set_option(server, LDAP_OPT_SSL, LDAP_OPT_ON);
 #else
     int ldap_option;
@@ -503,7 +506,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
     goto quit;
   }
   else {
-    server = ldap_init(host, conn->primary.remote_port);
+    server = ldap_init(host, (curl_ldap_num_t)conn->primary.remote_port);
     if(!server) {
       failf(data, "LDAP local: Cannot connect to %s:%u",
             conn->host.dispname, conn->primary.remote_port);
@@ -529,7 +532,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
   if(rc) {
 #ifdef USE_WIN32_LDAP
     failf(data, "LDAP local: bind via ldap_win_bind %s",
-          ldap_err2string(rc));
+          ldap_err2string((ULONG)rc));
 #else
     failf(data, "LDAP local: bind via ldap_simple_bind_s %s",
           ldap_err2string(rc));
@@ -539,11 +542,12 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done)
   }
 
   Curl_pgrsSetDownloadCounter(data, 0);
-  rc = ldap_search_s(server, ludp->lud_dn, ludp->lud_scope,
+  rc = (int)ldap_search_s(server, ludp->lud_dn,
+                          (curl_ldap_num_t)ludp->lud_scope,
                           ludp->lud_filter, ludp->lud_attrs, 0, &ldapmsg);
 
   if(rc && rc != LDAP_SIZELIMIT_EXCEEDED) {
-    failf(data, "LDAP remote: %s", ldap_err2string(rc));
+    failf(data, "LDAP remote: %s", ldap_err2string((curl_ldap_num_t)rc));
     result = CURLE_LDAP_SEARCH_FAILED;
     goto quit;
   }

lib/memdebug.h

@@ -137,13 +137,14 @@ CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source);
 
 #undef socket
 #define socket(domain,type,protocol)\
- curl_dbg_socket(domain, type, protocol, __LINE__, __FILE__)
+ curl_dbg_socket((int)domain, type, protocol, __LINE__, __FILE__)
 #undef accept /* for those with accept as a macro */
 #define accept(sock,addr,len)\
  curl_dbg_accept(sock, addr, len, __LINE__, __FILE__)
 #ifdef HAVE_SOCKETPAIR
 #define socketpair(domain,type,protocol,socket_vector)\
- curl_dbg_socketpair(domain, type, protocol, socket_vector, __LINE__, __FILE__)
+ curl_dbg_socketpair((int)domain, type, protocol, socket_vector, \
+                     __LINE__, __FILE__)
 #endif
 
 #ifdef HAVE_GETADDRINFO

lib/mime.c

@@ -1137,7 +1137,7 @@ static void cleanup_part_content(curl_mimepart *part)
   part->datasize = (curl_off_t) 0;    /* No size yet. */
   cleanup_encoder_state(&part->encstate);
   part->kind = MIMEKIND_NONE;
-  part->flags &= ~MIME_FAST_READ;
+  part->flags &= ~(unsigned int)MIME_FAST_READ;
   part->lastreadstatus = 1; /* Successful read status. */
   part->state.state = MIMESTATE_BEGIN;
 }
@@ -1497,7 +1497,7 @@ CURLcode curl_mime_headers(curl_mimepart *part,
   if(part->flags & MIME_USERHEADERS_OWNER) {
     if(part->userheaders != headers)  /* Allow setting twice the same list. */
       curl_slist_free_all(part->userheaders);
-    part->flags &= ~MIME_USERHEADERS_OWNER;
+    part->flags &= ~(unsigned int)MIME_USERHEADERS_OWNER;
   }
   part->userheaders = headers;
   if(headers && take_ownership)
@@ -1662,7 +1662,8 @@ static curl_off_t mime_size(curl_mimepart *part)
   if(size >= 0 && !(part->flags & MIME_BODY_ONLY)) {
     /* Compute total part size. */
     size += slist_size(part->curlheaders, 2, NULL, 0);
-    size += slist_size(part->userheaders, 2, STRCONST("Content-Type"));
+    size += slist_size(part->userheaders, 2,
+                       STRCONST("Content-Type"));
     size += 2;    /* CRLF after headers. */
   }
   return size;

lib/mqtt.c

@@ -154,15 +154,15 @@ static int mqtt_getsock(struct Curl_easy *data,
 
 static int mqtt_encode_len(char *buf, size_t len)
 {
-  unsigned char encoded;
   int i;
 
   for(i = 0; (len > 0) && (i<4); i++) {
+    unsigned char encoded;
     encoded = len % 0x80;
     len /= 0x80;
     if(len)
       encoded |= 0x80;
-    buf[i] = encoded;
+    buf[i] = (char)encoded;
   }
 
   return i;

lib/multi.c

@@ -343,7 +343,7 @@ static size_t hash_fd(void *key, size_t key_length, size_t slots_num)
   curl_socket_t fd = *((curl_socket_t *) key);
   (void) key_length;
 
-  return (fd % slots_num);
+  return (fd % (curl_socket_t)slots_num);
 }
 
 /*
@@ -1492,7 +1492,8 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
 #ifdef USE_WINSOCK
     }
     else { /* now wait... if not ready during the pre-check (pollrc == 0) */
-      WSAWaitForMultipleEvents(1, &multi->wsa_event, FALSE, timeout_ms, FALSE);
+      WSAWaitForMultipleEvents(1, &multi->wsa_event, FALSE, (DWORD)timeout_ms,
+                               FALSE);
     }
     /* With WinSock, we have to run the following section unconditionally
        to call WSAEventSelect(fd, event, 0) on all the sockets */
@@ -1502,7 +1503,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
          struct, the bit values of the actual underlying poll() implementation
          may not be the same as the ones in the public libcurl API! */
       for(i = 0; i < extra_nfds; i++) {
-        unsigned r = ufds[curl_nfds + i].revents;
+        unsigned r = (unsigned)ufds[curl_nfds + i].revents;
         unsigned short mask = 0;
 #ifdef USE_WINSOCK
         curl_socket_t s = extra_fds[i].fd;
@@ -1519,7 +1520,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
         }
         WSAEventSelect(s, multi->wsa_event, 0);
         if(!pollrc) {
-          extra_fds[i].revents = mask;
+          extra_fds[i].revents = (short)mask;
           continue;
         }
 #endif
@@ -1529,7 +1530,7 @@ static CURLMcode multi_wait(struct Curl_multi *multi,
           mask |= CURL_WAIT_POLLOUT;
         if(r & POLLPRI)
           mask |= CURL_WAIT_POLLPRI;
-        extra_fds[i].revents = mask;
+        extra_fds[i].revents = (short)mask;
       }
 
 #ifdef USE_WINSOCK
@@ -2814,7 +2815,7 @@ CURLMcode curl_multi_perform(struct Curl_multi *multi, int *running_handles)
     }
   } while(t);
 
-  *running_handles = multi->num_alive;
+  *running_handles = (int)multi->num_alive;
 
   if(CURLM_OK >= returncode)
     returncode = Curl_update_timer(multi);
@@ -3034,7 +3035,8 @@ static CURLMcode singlesocket(struct Curl_multi *multi,
       }
     }
 
-    entry->action = comboaction; /* store the current action state */
+    /* store the current action state */
+    entry->action = (unsigned int)comboaction;
   }
 
   /* Check for last_poll.sockets that no longer appear in cur_poll.sockets.
@@ -3319,7 +3321,7 @@ static CURLMcode multi_socket(struct Curl_multi *multi,
   if(first)
     sigpipe_restore(&pipe_st);
 
-  *running_handles = multi->num_alive;
+  *running_handles = (int)multi->num_alive;
   return result;
 }
 
@@ -3624,7 +3626,7 @@ void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id id)
 
   set = Curl_now();
   set.tv_sec += (time_t)(milli/1000); /* might be a 64 to 32 bit conversion */
-  set.tv_usec += (unsigned int)(milli%1000)*1000;
+  set.tv_usec += (int)(milli%1000)*1000;
 
   if(set.tv_usec >= 1000000) {
     set.tv_sec++;
@@ -3738,12 +3740,12 @@ CURLMcode curl_multi_assign(struct Curl_multi *multi, curl_socket_t s,
 
 size_t Curl_multi_max_host_connections(struct Curl_multi *multi)
 {
-  return multi ? multi->max_host_connections : 0;
+  return multi ? (size_t)multi->max_host_connections : 0;
 }
 
 size_t Curl_multi_max_total_connections(struct Curl_multi *multi)
 {
-  return multi ? multi->max_total_connections : 0;
+  return multi ? (size_t)multi->max_total_connections : 0;
 }
 
 /*

lib/nonblock.c

@@ -64,7 +64,7 @@ int curlx_nonblock(curl_socket_t sockfd,    /* operate on this */
 
   /* Windows */
   unsigned long flags = nonblock ? 1UL : 0UL;
-  return ioctlsocket(sockfd, FIONBIO, &flags);
+  return ioctlsocket(sockfd, (long)FIONBIO, &flags);
 
 #elif defined(HAVE_IOCTLSOCKET_CAMEL_FIONBIO)
 

lib/noproxy.c

@@ -79,15 +79,15 @@ UNITTEST bool Curl_cidr6_match(const char *ipv6,
                                unsigned int bits)
 {
 #ifdef USE_IPV6
-  int bytes;
+  unsigned int bytes;
-  int rest;
+  unsigned int rest;
   unsigned char address[16];
   unsigned char check[16];
 
   if(!bits)
     bits = 128;
 
-  bytes = bits/8;
+  bytes = bits / 8;
   rest = bits & 0x07;
   if(1 != Curl_inet_pton(AF_INET6, ipv6, address))
     return FALSE;
@@ -231,7 +231,7 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
           slash = strchr(check, '/');
           /* if the slash is part of this token, use it */
           if(slash) {
-            bits = atoi(slash + 1);
+            bits = (unsigned int)atoi(slash + 1);
             *slash = 0; /* null terminate there */
           }
           if(type == TYPE_IPV6)

lib/rand.c

@@ -270,7 +270,7 @@ CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
                          size_t num)
 {
   CURLcode result = CURLE_OK;
-  const int alnumspace = sizeof(alnum) - 1;
+  const unsigned int alnumspace = sizeof(alnum) - 1;
   unsigned int r;
   DEBUGASSERT(num > 1);
 
@@ -283,7 +283,7 @@ CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
         return result;
     } while(r >= (UINT_MAX - UINT_MAX % alnumspace));
 
-    *rnd++ = alnum[r % alnumspace];
+    *rnd++ = (unsigned char)alnum[r % alnumspace];
     num--;
   }
   *rnd = 0;

lib/rtsp.c

@@ -316,7 +316,9 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
 
   p_session_id = data->set.str[STRING_RTSP_SESSION_ID];
   if(!p_session_id &&
-     (rtspreq & ~(RTSPREQ_OPTIONS | RTSPREQ_DESCRIBE | RTSPREQ_SETUP))) {
+     (rtspreq & ~(Curl_RtspReq)(RTSPREQ_OPTIONS |
+                                RTSPREQ_DESCRIBE |
+                                RTSPREQ_SETUP))) {
     failf(data, "Refusing to issue an RTSP request [%s] without a session ID.",
           p_request);
     result = CURLE_BAD_FUNCTION_ARGUMENT;

lib/select.c

@@ -226,7 +226,7 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
     num++;
   }
 
-  r = Curl_poll(pfd, num, timeout_ms);
+  r = Curl_poll(pfd, (unsigned int)num, timeout_ms);
   if(r <= 0)
     return r;
 

lib/setopt.c

@@ -176,7 +176,7 @@ static CURLcode setstropt_interface(
 }
 
 #define C_SSLVERSION_VALUE(x) (x & 0xffff)
-#define C_SSLVERSION_MAX_VALUE(x) (x & 0xffff0000)
+#define C_SSLVERSION_MAX_VALUE(x) ((unsigned long)x & 0xffff0000)
 
 static CURLcode protocol2num(const char *str, curl_prot_t *val)
 {
@@ -501,7 +501,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
       arg = va_arg(param, long);
 
       version = C_SSLVERSION_VALUE(arg);
-      version_max = C_SSLVERSION_MAX_VALUE(arg);
+      version_max = (long)C_SSLVERSION_MAX_VALUE(arg);
 
       if(version < CURL_SSLVERSION_DEFAULT ||
          version == CURL_SSLVERSION_SSLv2 ||
@@ -968,7 +968,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
     break;
 
   case CURLOPT_HTTP09_ALLOWED:
-    arg = va_arg(param, unsigned long);
+    arg = (long)va_arg(param, unsigned long);
     if(arg > 1L)
       return CURLE_BAD_FUNCTION_ARGUMENT;
 #ifdef USE_HYPER
@@ -2546,7 +2546,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
 #ifdef USE_SSH
     /* we only include SSH options if explicitly built to support SSH */
   case CURLOPT_SSH_AUTH_TYPES:
-    data->set.ssh_auth_types = (unsigned int)va_arg(param, long);
+    data->set.ssh_auth_types = (int)va_arg(param, long);
     break;
 
   case CURLOPT_SSH_PUBLIC_KEYFILE:

lib/smb.c

@@ -559,7 +559,7 @@ static void smb_format_message(struct Curl_easy *data, struct smb_header *h,
   h->flags2 = smb_swap16(SMB_FLAGS2_IS_LONG_NAME | SMB_FLAGS2_KNOWS_LONG_NAME);
   h->uid = smb_swap16(smbc->uid);
   h->tid = smb_swap16(req->tid);
-  pid = getpid();
+  pid = (unsigned int)getpid();
   h->pid_high = smb_swap16((unsigned short)(pid >> 16));
   h->pid = smb_swap16((unsigned short) pid);
 }

lib/smtp.c

@@ -695,7 +695,7 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data)
   /* Prepare the mime data if some. */
   if(data->set.mimepost.kind != MIMEKIND_NONE) {
     /* Use the whole structure as data. */
-    data->set.mimepost.flags &= ~MIME_BODY_ONLY;
+    data->set.mimepost.flags &= ~(unsigned int)MIME_BODY_ONLY;
 
     /* Add external headers and mime version. */
     curl_mime_headers(&data->set.mimepost, data->set.headers, 0);

lib/socks.c

@@ -125,7 +125,7 @@ int Curl_blockread_all(struct Curl_cfilter *cf,
     }
     nread = Curl_conn_cf_recv(cf->next, data, buf, buffersize, &err);
     if(nread <= 0) {
-      result = err;
+      result = (int)err;
       if(CURLE_AGAIN == err)
         continue;
       if(err) {

lib/socks_gssapi.c

@@ -201,7 +201,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     if(gss_send_token.length) {
       socksreq[0] = 1;    /* GSS-API subnegotiation version */
       socksreq[1] = 1;    /* authentication message type */
-      us_length = htons((short)gss_send_token.length);
+      us_length = htons((unsigned short)gss_send_token.length);
       memcpy(socksreq + 2, &us_length, sizeof(short));
 
       nwritten = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, &code);
@@ -406,7 +406,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     }
     gss_release_buffer(&gss_status, &gss_send_token);
 
-    us_length = htons((short)gss_w_token.length);
+    us_length = htons((unsigned short)gss_w_token.length);
     memcpy(socksreq + 2, &us_length, sizeof(short));
   }
 

lib/socks_sspi.c

@@ -204,7 +204,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     if(sspi_send_token.cbBuffer) {
       socksreq[0] = 1;    /* GSS-API subnegotiation version */
       socksreq[1] = 1;    /* authentication message type */
-      us_length = htons((short)sspi_send_token.cbBuffer);
+      us_length = htons((unsigned short)sspi_send_token.cbBuffer);
       memcpy(socksreq + 2, &us_length, sizeof(short));
 
       written = Curl_conn_cf_send(cf->next, data, (char *)socksreq, 4, &code);
@@ -389,7 +389,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
    */
 
   if(data->set.socks5_gssapi_nec) {
-    us_length = htons((short)1);
+    us_length = htons((unsigned short)1);
     memcpy(socksreq + 2, &us_length, sizeof(short));
   }
   else {
@@ -472,7 +472,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
     sspi_w_token[2].pvBuffer = NULL;
     sspi_w_token[2].cbBuffer = 0;
 
-    us_length = htons((short)sspi_send_token.cbBuffer);
+    us_length = htons((unsigned short)sspi_send_token.cbBuffer);
     memcpy(socksreq + 2, &us_length, sizeof(short));
   }
 

lib/strerror.c

@@ -795,7 +795,7 @@ get_winapi_error(int err, char *buf, size_t buflen)
      expect the local codepage (eg fprintf, failf, infof).
      FormatMessageW -> wcstombs is used for Windows CE compatibility. */
   if(FormatMessageW((FORMAT_MESSAGE_FROM_SYSTEM |
-                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, err,
+                     FORMAT_MESSAGE_IGNORE_INSERTS), NULL, (DWORD)err,
                     LANG_NEUTRAL, wbuf, sizeof(wbuf)/sizeof(wchar_t), NULL)) {
     size_t written = wcstombs(buf, wbuf, buflen - 1);
     if(written != (size_t)-1)
@@ -865,7 +865,7 @@ const char *Curl_strerror(int err, char *buf, size_t buflen)
 #ifdef USE_WINSOCK
        !get_winsock_error(err, buf, buflen) &&
 #endif
-       !get_winapi_error((DWORD)err, buf, buflen))
+       !get_winapi_error(err, buf, buflen))
       msnprintf(buf, buflen, "Unknown error %d (%#x)", err, err);
   }
 #else /* not Windows coming up */
@@ -944,7 +944,7 @@ const char *Curl_winapi_strerror(DWORD err, char *buf, size_t buflen)
   *buf = '\0';
 
 #ifndef CURL_DISABLE_VERBOSE_STRINGS
-  if(!get_winapi_error(err, buf, buflen)) {
+  if(!get_winapi_error((int)err, buf, buflen)) {
     msnprintf(buf, buflen, "Unknown error %lu (0x%08lX)", err, err);
   }
 #else

lib/telnet.c

@@ -1544,7 +1544,7 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done)
 
   while(keepon) {
     DEBUGF(infof(data, "telnet_do, poll %d fds", poll_cnt));
-    switch(Curl_poll(pfd, poll_cnt, interval_ms)) {
+    switch(Curl_poll(pfd, (unsigned int)poll_cnt, interval_ms)) {
     case -1:                    /* error, stop reading */
       keepon = FALSE;
       continue;

lib/tftp.c

@@ -528,7 +528,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
     senddata = sendto(state->sockfd, (void *)state->spacket.data,
                       (SEND_TYPE_ARG3)sbytes, 0,
                       &data->conn->remote_addr->sa_addr,
-                      data->conn->remote_addr->addrlen);
+                      (curl_socklen_t)data->conn->remote_addr->addrlen);
     if(senddata != (ssize_t)sbytes) {
       char buffer[STRERROR_LEN];
       failf(data, "%s", Curl_strerror(SOCKERRNO, buffer, sizeof(buffer)));
@@ -738,7 +738,7 @@ static CURLcode tftp_tx(struct tftp_state_data *state, tftp_event_t event)
         else {
           /* Re-send the data packet */
           sbytes = sendto(state->sockfd, (void *)state->spacket.data,
-                          4 + state->sbytes, SEND_4TH_ARG,
+                          4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                           (struct sockaddr *)&state->remote_addr,
                           state->remote_addrlen);
           /* Check all sbytes were sent */
@@ -783,7 +783,7 @@ static CURLcode tftp_tx(struct tftp_state_data *state, tftp_event_t event)
     } while(state->sbytes < state->blksize && cb);
 
     sbytes = sendto(state->sockfd, (void *) state->spacket.data,
-                    4 + state->sbytes, SEND_4TH_ARG,
+                    4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                     (struct sockaddr *)&state->remote_addr,
                     state->remote_addrlen);
     /* Check all sbytes were sent */
@@ -809,7 +809,7 @@ static CURLcode tftp_tx(struct tftp_state_data *state, tftp_event_t event)
     else {
       /* Re-send the data packet */
       sbytes = sendto(state->sockfd, (void *)state->spacket.data,
-                      4 + state->sbytes, SEND_4TH_ARG,
+                      4 + (SEND_TYPE_ARG3)state->sbytes, SEND_4TH_ARG,
                       (struct sockaddr *)&state->remote_addr,
                       state->remote_addrlen);
       /* Check all sbytes were sent */
@@ -1032,7 +1032,7 @@ static CURLcode tftp_connect(struct Curl_easy *data, bool *done)
      * IPv4 and IPv6...
      */
     int rc = bind(state->sockfd, (struct sockaddr *)&state->local_addr,
-                  conn->remote_addr->addrlen);
+                  (curl_socklen_t)conn->remote_addr->addrlen);
     if(rc) {
       char buffer[STRERROR_LEN];
       failf(data, "bind() failed; %s",
@@ -1110,7 +1110,7 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data)
   fromlen = sizeof(fromaddr);
   state->rbytes = (int)recvfrom(state->sockfd,
                                 (void *)state->rpacket.data,
-                                state->blksize + 4,
+                                (RECV_TYPE_ARG3)state->blksize + 4,
                                 0,
                                 (struct sockaddr *)&fromaddr,
                                 &fromlen);

lib/timeval.c

@@ -51,8 +51,8 @@ struct curltime Curl_now(void)
 #pragma warning(pop)
 #endif
 
-    now.tv_sec = milliseconds / 1000;
+    now.tv_sec = (time_t)(milliseconds / 1000);
-    now.tv_usec = (milliseconds % 1000) * 1000;
+    now.tv_usec = (int)((milliseconds % 1000) * 1000);
   }
   return now;
 }
@@ -95,7 +95,7 @@ struct curltime Curl_now(void)
 #endif
     (0 == clock_gettime(CLOCK_MONOTONIC_RAW, &tsnow))) {
     cnow.tv_sec = tsnow.tv_sec;
-    cnow.tv_usec = (unsigned int)(tsnow.tv_nsec / 1000);
+    cnow.tv_usec = (int)(tsnow.tv_nsec / 1000);
   }
   else
 #endif
@@ -107,7 +107,7 @@ struct curltime Curl_now(void)
 #endif
     (0 == clock_gettime(CLOCK_MONOTONIC, &tsnow))) {
     cnow.tv_sec = tsnow.tv_sec;
-    cnow.tv_usec = (unsigned int)(tsnow.tv_nsec / 1000);
+    cnow.tv_usec = (int)(tsnow.tv_nsec / 1000);
   }
   /*
   ** Even when the configure process has truly detected monotonic clock
@@ -118,7 +118,7 @@ struct curltime Curl_now(void)
   else {
     (void)gettimeofday(&now, NULL);
     cnow.tv_sec = now.tv_sec;
-    cnow.tv_usec = (unsigned int)now.tv_usec;
+    cnow.tv_usec = (int)now.tv_usec;
   }
 #else
   else {

lib/transfer.c

@@ -791,11 +791,11 @@ CURLcode Curl_follow(struct Curl_easy *data,
   }
 
   DEBUGASSERT(data->state.uh);
-  uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl,
+  uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl, (unsigned int)
-                    (type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME :
+                    ((type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME :
                      ((type == FOLLOW_REDIR) ? CURLU_URLENCODE : 0) |
                      CURLU_ALLOW_SPACE |
-                    (data->set.path_as_is ? CURLU_PATH_AS_IS : 0));
+                     (data->set.path_as_is ? CURLU_PATH_AS_IS : 0)));
   if(uc) {
     if(type != FOLLOW_FAKE) {
       failf(data, "The redirect target URL could not be parsed: %s",

lib/url.c

@@ -1643,7 +1643,7 @@ const struct Curl_handler *Curl_getn_scheme_handler(const char *scheme,
     unsigned int c = 978;
     while(l) {
       c <<= 5;
-      c += Curl_raw_tolower(*s);
+      c += (unsigned int)Curl_raw_tolower(*s);
       s++;
       l--;
     }
@@ -1796,12 +1796,12 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
 
   if(!use_set_uh) {
     char *newurl;
-    uc = curl_url_set(uh, CURLUPART_URL, data->state.url,
+    uc = curl_url_set(uh, CURLUPART_URL, data->state.url, (unsigned int)
-                      CURLU_GUESS_SCHEME |
+                      (CURLU_GUESS_SCHEME |
                        CURLU_NON_SUPPORT_SCHEME |
                        (data->set.disallow_username_in_url ?
                         CURLU_DISALLOW_USER : 0) |
-                      (data->set.path_as_is ? CURLU_PATH_AS_IS : 0));
+                       (data->set.path_as_is ? CURLU_PATH_AS_IS : 0)));
     if(uc) {
       failf(data, "URL rejected: %s", curl_url_strerror(uc));
       return Curl_uc_to_curlcode(uc);

lib/urlapi.c

@@ -206,7 +206,7 @@ static CURLUcode urlencode_str(struct dynbuf *o, const char *url,
 size_t Curl_is_absolute_url(const char *url, char *buf, size_t buflen,
                             bool guess_scheme)
 {
-  int i = 0;
+  size_t i = 0;
   DEBUGASSERT(!buf || (buflen > MAX_SCHEME_LEN));
   (void)buflen; /* only used in debug-builds */
   if(buf)

lib/version.c

@@ -258,10 +258,11 @@ char *curl_version(void)
     api.ldapai_info_version = LDAP_API_INFO_VERSION;
 
     if(ldap_get_option(NULL, LDAP_OPT_API_INFO, &api) == LDAP_OPT_SUCCESS) {
-      unsigned int patch = api.ldapai_vendor_version % 100;
+      unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100);
-      unsigned int major = api.ldapai_vendor_version / 10000;
+      unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000);
       unsigned int minor =
-        ((api.ldapai_vendor_version - major * 10000) - patch) / 100;
+        (((unsigned int)api.ldapai_vendor_version - major * 10000)
+          - patch) / 100;
       msnprintf(ldap_buf, sizeof(ldap_buf), "%s/%u.%u.%u",
                 api.ldapai_vendor_name, major, minor, patch);
       src[i++] = ldap_buf;
@@ -640,7 +641,7 @@ curl_version_info_data *curl_version_info(CURLversion stamp)
 #ifdef USE_NGHTTP2
   {
     nghttp2_info *h2 = nghttp2_version(0);
-    version_info.nghttp2_ver_num = h2->version_num;
+    version_info.nghttp2_ver_num = (unsigned int)h2->version_num;
     version_info.nghttp2_version = h2->version_str;
   }
 #endif

lib/ws.c

@@ -102,7 +102,7 @@ static unsigned char ws_frame_flags2op(int flags)
   size_t i;
   for(i = 0; i < sizeof(WS_FRAMES)/sizeof(WS_FRAMES[0]); ++i) {
     if(WS_FRAMES[i].flags & flags)
-      return WS_FRAMES[i].proto_opcode;
+      return (unsigned char)WS_FRAMES[i].proto_opcode;
   }
   return 0;
 }
@@ -560,7 +560,7 @@ static ssize_t ws_enc_write_head(struct Curl_easy *data,
     return -1;
   }
 
-  opcode = ws_frame_flags2op(flags);
+  opcode = ws_frame_flags2op((int)flags);
   if(!opcode) {
     failf(data, "WS: provided flags not recognized '%x'", flags);
     *err = CURLE_SEND_ERROR;