Blame SOURCES/xmlsec1-1.2.20-covscan-fixes.patch

dd8e7b
diff --git a/apps/cmdline.c b/apps/cmdline.c
dd8e7b
index b9ecafb..eb95d9a 100644
dd8e7b
--- a/apps/cmdline.c
dd8e7b
+++ b/apps/cmdline.c
dd8e7b
@@ -152,7 +152,7 @@ xmlSecAppCmdLineValueCreate(xmlSecAppCmdLineParamPtr param, int pos) {
dd8e7b
     assert(param != NULL);
dd8e7b
     value = (xmlSecAppCmdLineValuePtr) malloc(sizeof(xmlSecAppCmdLineValue));
dd8e7b
     if(value == NULL) {
dd8e7b
-        fprintf(stderr, "Error: malloc failed (%d bytes).\n", sizeof(xmlSecAppCmdLineValue));
dd8e7b
+        fprintf(stderr, "Error: malloc failed (%d bytes).\n", (int)sizeof(xmlSecAppCmdLineValue));
dd8e7b
         return(NULL);
dd8e7b
     }
dd8e7b
     memset(value, 0, sizeof(xmlSecAppCmdLineValue));
dd8e7b
@@ -284,7 +284,7 @@ xmlSecAppCmdLineParamRead(xmlSecAppCmdLineParamPtr param, const char** argv, int
dd8e7b
             value->strValue = argv[++pos];
dd8e7b
             buf = (char*)malloc(strlen(value->strValue) + 2);
dd8e7b
             if(buf == NULL) {
dd8e7b
-                fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", strlen(value->strValue) + 2);
dd8e7b
+                fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", (int)strlen(value->strValue) + 2);
dd8e7b
                 return(-1);
dd8e7b
             }
dd8e7b
             memset(buf, 0, strlen(value->strValue) + 2);
dd8e7b
diff --git a/apps/xmlsec.c b/apps/xmlsec.c
dd8e7b
index c2f3196..c9e5534 100644
dd8e7b
--- a/apps/xmlsec.c
dd8e7b
+++ b/apps/xmlsec.c
dd8e7b
@@ -2986,7 +2986,7 @@ xmlSecAppWriteResult(xmlDocPtr doc, xmlSecBufferPtr buffer) {
dd8e7b
     if(doc != NULL) {
dd8e7b
         xmlDocDump(f, doc);    
dd8e7b
     } else if((buffer != NULL) && (xmlSecBufferGetData(buffer) != NULL)) {
dd8e7b
-        fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f); 
dd8e7b
+        (void)fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f); 
dd8e7b
     } else {
dd8e7b
         fprintf(stderr, "Error: both result doc and result buffer are null\n"); 
dd8e7b
         xmlSecAppCloseFile(f);
dd8e7b
diff --git a/docs/index.html b/docs/index.html
dd8e7b
index c46aefe..96fea05 100644
dd8e7b
--- a/docs/index.html
dd8e7b
+++ b/docs/index.html
dd8e7b
@@ -70,7 +70,7 @@ see the Copyright file in the distribution  for details.

dd8e7b
         The XML Security Library 1.2.20 release fixes a number of miscellaneous bugs and 
dd8e7b
         updates expired or soon-to-be-expired certificates in the test suite.
dd8e7b
 
dd8e7b
-
  • March 24 2013
  • dd8e7b
    +
  • March 24 2013
  • dd8e7b
             The XML Security Library 1.2.19 release adds support for DSA-SHA256, ECDSA-SHA1,
    dd8e7b
             ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 and fixes a number of miscellaneous bugs.
    dd8e7b
     
    dd8e7b
    diff --git a/docs/news.html b/docs/news.html
    dd8e7b
    index c0ff702..8aaa252 100644
    dd8e7b
    --- a/docs/news.html
    dd8e7b
    +++ b/docs/news.html
    dd8e7b
    @@ -51,7 +51,7 @@
    dd8e7b
             The XML Security Library 1.2.20 release fixes a number of miscellaneous bugs and 
    dd8e7b
             updates expired or soon-to-be-expired certificates in the test suite.
    dd8e7b
     
    dd8e7b
    -
  • March 24 2013
  • dd8e7b
    +
  • March 24 2013
  • dd8e7b
             The XML Security Library 1.2.19 release adds support for DSA-SHA256, ECDSA-SHA1,
    dd8e7b
             ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 and fixes a number of miscellaneous bugs.
    dd8e7b
     
    dd8e7b
    diff --git a/include/xmlsec/openssl/crypto.h b/include/xmlsec/openssl/crypto.h
    dd8e7b
    index aec5fb3..b2fbea9 100644
    dd8e7b
    --- a/include/xmlsec/openssl/crypto.h
    dd8e7b
    +++ b/include/xmlsec/openssl/crypto.h
    dd8e7b
    @@ -308,7 +308,7 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGost2001GostR3411_9
    dd8e7b
      * The GOSTR3411_94 signature transform klass.
    dd8e7b
      */
    dd8e7b
     #define xmlSecOpenSSLTransformGostR3411_94Id \
    dd8e7b
    -	xmlSecOpenSSLTransformGostR3411_94GetKlass()
    dd8e7b
    +		xmlSecOpenSSLTransformGostR3411_94GetKlass()
    dd8e7b
     XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_94GetKlass(void);
    dd8e7b
     
    dd8e7b
     #endif /* XMLSEC_NO_GOST */
    dd8e7b
    diff --git a/src/base64.c b/src/base64.c
    dd8e7b
    index 53e6694..0546582 100644
    dd8e7b
    --- a/src/base64.c
    dd8e7b
    +++ b/src/base64.c
    dd8e7b
    @@ -161,7 +161,7 @@ xmlSecBase64CtxCreate(int encode, int columns) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecBase64Ctx)=%d",
    dd8e7b
    -                    sizeof(xmlSecBase64Ctx));
    dd8e7b
    +                    (int)sizeof(xmlSecBase64Ctx));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    diff --git a/src/buffer.c b/src/buffer.c
    dd8e7b
    index 0efbfed..52c5fc9 100644
    dd8e7b
    --- a/src/buffer.c
    dd8e7b
    +++ b/src/buffer.c
    dd8e7b
    @@ -67,7 +67,7 @@ xmlSecBufferCreate(xmlSecSize size) {
    dd8e7b
                         NULL,
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
    -                    "sizeof(xmlSecBuffer)=%d", sizeof(xmlSecBuffer));
    dd8e7b
    +                    "sizeof(xmlSecBuffer)=%d", (int)sizeof(xmlSecBuffer));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    diff --git a/src/dl.c b/src/dl.c
    dd8e7b
    index 5ffc2ff..255818f 100644
    dd8e7b
    --- a/src/dl.c
    dd8e7b
    +++ b/src/dl.c
    dd8e7b
    @@ -102,7 +102,7 @@ xmlSecCryptoDLLibraryCreate(const xmlChar* name) {
    dd8e7b
                         NULL,
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
    -                    "size=%d", sizeof(lib));
    dd8e7b
    +                    "size=%d", (int)sizeof(lib));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(lib, 0, sizeof(xmlSecCryptoDLLibrary));
    dd8e7b
    diff --git a/src/gcrypt/asn1.c b/src/gcrypt/asn1.c
    dd8e7b
    index 9a2b5cf..f718139 100644
    dd8e7b
    --- a/src/gcrypt/asn1.c
    dd8e7b
    +++ b/src/gcrypt/asn1.c
    dd8e7b
    @@ -304,11 +304,11 @@ xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
    dd8e7b
             case 3:
    dd8e7b
                 /* Public RSA */
    dd8e7b
                 type = xmlSecGCryptDerKeyTypePublicRsa;
    dd8e7b
    -	    break;
    dd8e7b
    +            break;
    dd8e7b
             case 5:
    dd8e7b
                 /* Public DSA */
    dd8e7b
                 type = xmlSecGCryptDerKeyTypePublicDsa;
    dd8e7b
    -	    break;
    dd8e7b
    +            break;
    dd8e7b
             case 6:
    dd8e7b
                 /* Private DSA */
    dd8e7b
                 type = xmlSecGCryptDerKeyTypePrivateDsa;
    dd8e7b
    diff --git a/src/io.c b/src/io.c
    dd8e7b
    index 42e9133..3f3b9ef 100644
    dd8e7b
    --- a/src/io.c
    dd8e7b
    +++ b/src/io.c
    dd8e7b
    @@ -66,7 +66,7 @@ xmlSecIOCallbackCreate(xmlInputMatchCallback matchFunc, xmlInputOpenCallback ope
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecIOCallback)=%d",
    dd8e7b
    -                    sizeof(xmlSecIOCallback));
    dd8e7b
    +                    (int)sizeof(xmlSecIOCallback));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(callbacks, 0, sizeof(xmlSecIOCallback));
    dd8e7b
    diff --git a/src/keyinfo.c b/src/keyinfo.c
    dd8e7b
    index 00390fa..7fc6a4b 100644
    dd8e7b
    --- a/src/keyinfo.c
    dd8e7b
    +++ b/src/keyinfo.c
    dd8e7b
    @@ -227,7 +227,7 @@ xmlSecKeyInfoCtxCreate(xmlSecKeysMngrPtr keysMngr) {
    dd8e7b
                         NULL,
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
    -                    "size=%d", sizeof(xmlSecKeyInfoCtx));
    dd8e7b
    +                    "size=%d", (int)sizeof(xmlSecKeyInfoCtx));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -761,7 +761,16 @@ xmlSecKeyDataNameXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
    dd8e7b
     
    dd8e7b
         /* finally set key name if it is not there */
    dd8e7b
         if(xmlSecKeyGetName(key) == NULL) {
    dd8e7b
    -        xmlSecKeySetName(key, newName);
    dd8e7b
    +        ret = xmlSecKeySetName(key, newName);
    dd8e7b
    +        if(ret < 0) {
    dd8e7b
    +            xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
    dd8e7b
    +                        "xmlSecKeySetName",
    dd8e7b
    +                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
    +                        XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    +            xmlFree(newName);
    dd8e7b
    +            return(-1);
    dd8e7b
    +        }
    dd8e7b
         }
    dd8e7b
         xmlFree(newName);
    dd8e7b
         return(0);
    dd8e7b
    diff --git a/src/keys.c b/src/keys.c
    dd8e7b
    index 1d2f733..27f3690 100644
    dd8e7b
    --- a/src/keys.c
    dd8e7b
    +++ b/src/keys.c
    dd8e7b
    @@ -112,7 +112,7 @@ xmlSecKeyUseWithCreate(const xmlChar* application, const xmlChar* identifier) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecKeyUseWith)=%d",
    dd8e7b
    -                    sizeof(xmlSecKeyUseWith));
    dd8e7b
    +                    (int)sizeof(xmlSecKeyUseWith));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(keyUseWith, 0, sizeof(xmlSecKeyUseWith));
    dd8e7b
    @@ -548,7 +548,7 @@ xmlSecKeyCreate(void)  {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecKey)=%d",
    dd8e7b
    -                    sizeof(xmlSecKey));
    dd8e7b
    +                    (int)sizeof(xmlSecKey));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(key, 0, sizeof(xmlSecKey));
    dd8e7b
    diff --git a/src/keysdata.c b/src/keysdata.c
    dd8e7b
    index de854ba..0367b16 100644
    dd8e7b
    --- a/src/keysdata.c
    dd8e7b
    +++ b/src/keysdata.c
    dd8e7b
    @@ -255,7 +255,7 @@ xmlSecKeyDataDuplicate(xmlSecKeyDataPtr data) {
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
         ret = (data->id->duplicate)(newData, data);
    dd8e7b
    -    if(newData == NULL) {
    dd8e7b
    +    if(ret < 0) {
    dd8e7b
             xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
                         xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
    dd8e7b
                         "id->duplicate",
    dd8e7b
    diff --git a/src/keysmngr.c b/src/keysmngr.c
    dd8e7b
    index 31a03e9..ad253c9 100644
    dd8e7b
    --- a/src/keysmngr.c
    dd8e7b
    +++ b/src/keysmngr.c
    dd8e7b
    @@ -53,7 +53,7 @@ xmlSecKeysMngrCreate(void) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecKeysMngr)=%d",
    dd8e7b
    -                    sizeof(xmlSecKeysMngr));
    dd8e7b
    +                    (int)sizeof(xmlSecKeysMngr));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(mngr, 0, sizeof(xmlSecKeysMngr));
    dd8e7b
    diff --git a/src/list.c b/src/list.c
    dd8e7b
    index d1a0053..1d48cc6 100644
    dd8e7b
    --- a/src/list.c
    dd8e7b
    +++ b/src/list.c
    dd8e7b
    @@ -65,7 +65,7 @@ xmlSecPtrListCreate(xmlSecPtrListId id) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecPtrList)=%d",
    dd8e7b
    -                    sizeof(xmlSecPtrList));
    dd8e7b
    +                    (int)sizeof(xmlSecPtrList));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -479,7 +479,7 @@ xmlSecPtrListEnsureSize(xmlSecPtrListPtr list, xmlSecSize size) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecPtr)*%d=%d",
    dd8e7b
    -                    newSize, sizeof(xmlSecPtr) * newSize);
    dd8e7b
    +                    newSize, (int)(sizeof(xmlSecPtr) * newSize));
    dd8e7b
             return(-1);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    diff --git a/src/mscrypto/x509vfy.c b/src/mscrypto/x509vfy.c
    dd8e7b
    index 16b63db..6541a6c 100644
    dd8e7b
    --- a/src/mscrypto/x509vfy.c
    dd8e7b
    +++ b/src/mscrypto/x509vfy.c
    dd8e7b
    @@ -1183,7 +1183,7 @@ xmlSecMSCryptoX509GetCertName(const xmlChar * name) {
    dd8e7b
                         "xmlSecMSCryptoConvertUtf8ToTstr",
    dd8e7b
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
                         XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    -	xmlFree(name2);
    dd8e7b
    +        xmlFree(name2);
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    diff --git a/src/nodeset.c b/src/nodeset.c
    dd8e7b
    index 04ae810..fbb3ecd 100644
    dd8e7b
    --- a/src/nodeset.c
    dd8e7b
    +++ b/src/nodeset.c
    dd8e7b
    @@ -57,7 +57,7 @@ xmlSecNodeSetCreate(xmlDocPtr doc, xmlNodeSetPtr nodes, xmlSecNodeSetType type)
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecNodeSet)=%d",
    dd8e7b
    -                    sizeof(xmlSecNodeSet));
    dd8e7b
    +                    (int)sizeof(xmlSecNodeSet));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(nset, 0,  sizeof(xmlSecNodeSet));
    dd8e7b
    diff --git a/src/nss/keysstore.c b/src/nss/keysstore.c
    dd8e7b
    index f07e44b..057fc45 100644
    dd8e7b
    --- a/src/nss/keysstore.c
    dd8e7b
    +++ b/src/nss/keysstore.c
    dd8e7b
    @@ -271,7 +271,7 @@ xmlSecNssKeysStoreInitialize(xmlSecKeyStorePtr store) {
    dd8e7b
         xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
    dd8e7b
     
    dd8e7b
         ss = xmlSecNssKeysStoreGetSS(store);
    dd8e7b
    -    xmlSecAssert2((*ss == NULL), -1);
    dd8e7b
    +    xmlSecAssert2(((ss == NULL) || (*ss == NULL)), -1);
    dd8e7b
     
    dd8e7b
         *ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
    dd8e7b
         if(*ss == NULL) {
    dd8e7b
    diff --git a/src/nss/pkikeys.c b/src/nss/pkikeys.c
    dd8e7b
    index ae9e29b..5ede4cc 100644
    dd8e7b
    --- a/src/nss/pkikeys.c
    dd8e7b
    +++ b/src/nss/pkikeys.c
    dd8e7b
    @@ -752,6 +752,15 @@ xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
         handle = PK11_ImportPublicKey(slot, pubkey, PR_FALSE);
    dd8e7b
    +    if(handle == CK_INVALID_HANDLE) {
    dd8e7b
    +        xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
    dd8e7b
    +                    "PK11_ImportPublicKey",
    dd8e7b
    +                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
    dd8e7b
    +                    XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    +        ret = -1;
    dd8e7b
    +        goto done;
    dd8e7b
    +    }
    dd8e7b
     
    dd8e7b
         data = xmlSecKeyDataCreate(id);
    dd8e7b
         if(data == NULL ) {
    dd8e7b
    diff --git a/src/nss/x509vfy.c b/src/nss/x509vfy.c
    dd8e7b
    index fdb866f..9e957fe 100644
    dd8e7b
    --- a/src/nss/x509vfy.c
    dd8e7b
    +++ b/src/nss/x509vfy.c
    dd8e7b
    @@ -233,7 +233,8 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
    dd8e7b
                             NULL,
    dd8e7b
                             XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,
    dd8e7b
                             "cert with subject name %s could not be verified because the issuer's cert is expired/invalid or not found",
    dd8e7b
    -                        cert->subjectName);
    dd8e7b
    +                        (cert != NULL) ? cert->subjectName : "(NULL)"
    dd8e7b
    +            );
    dd8e7b
                 break;
    dd8e7b
             case SEC_ERROR_EXPIRED_CERTIFICATE:
    dd8e7b
                 xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    @@ -241,7 +242,8 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
    dd8e7b
                             NULL,
    dd8e7b
                             XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
    dd8e7b
                             "cert with subject name %s has expired",
    dd8e7b
    -                        cert->subjectName);
    dd8e7b
    +                        (cert != NULL) ? cert->subjectName : "(NULL)"
    dd8e7b
    +            );
    dd8e7b
                 break;
    dd8e7b
             case SEC_ERROR_REVOKED_CERTIFICATE:
    dd8e7b
                 xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    @@ -249,15 +251,16 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
    dd8e7b
                             NULL,
    dd8e7b
                             XMLSEC_ERRORS_R_CERT_REVOKED,
    dd8e7b
                             "cert with subject name %s has been revoked",
    dd8e7b
    -                        cert->subjectName);
    dd8e7b
    +                        (cert != NULL) ? cert->subjectName : "(NULL)"
    dd8e7b
    +            );
    dd8e7b
                 break;
    dd8e7b
             default:
    dd8e7b
                 xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
                             xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
    dd8e7b
                             NULL,
    dd8e7b
                             XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
    dd8e7b
    -                                                "cert with subject name %s could not be verified, errcode %d",
    dd8e7b
    -                                                cert->subjectName,
    dd8e7b
    +                        "cert with subject name %s could not be verified, errcode %d",
    dd8e7b
    +                        (cert != NULL) ? cert->subjectName : "(NULL)",
    dd8e7b
                             PORT_GetError());
    dd8e7b
                 break;
    dd8e7b
         }
    dd8e7b
    @@ -690,11 +693,10 @@ xmlSecNssX509NameRead(xmlSecByte *str, int len) {
    dd8e7b
                     }
    dd8e7b
                     memcpy(p, value, valueLen);
    dd8e7b
                     p+=valueLen;
    dd8e7b
    -                if (len > 0)
    dd8e7b
    +                if (len > 0) {
    dd8e7b
                         *p++=',';
    dd8e7b
    +                }
    dd8e7b
                 }
    dd8e7b
    -        } else {
    dd8e7b
    -            valueLen = 0;
    dd8e7b
             }
    dd8e7b
             if(len > 0) {
    dd8e7b
                 ++str; --len;
    dd8e7b
    diff --git a/src/openssl/app.c b/src/openssl/app.c
    dd8e7b
    index 4f8f79e..4154d2e 100644
    dd8e7b
    --- a/src/openssl/app.c
    dd8e7b
    +++ b/src/openssl/app.c
    dd8e7b
    @@ -255,7 +255,7 @@ xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
    dd8e7b
             }
    dd8e7b
             if(pKey == NULL) {
    dd8e7b
                 /* go to start of the file and try to read public key */
    dd8e7b
    -            BIO_reset(bio);
    dd8e7b
    +            (void)BIO_reset(bio);
    dd8e7b
                 pKey = PEM_read_bio_PUBKEY(bio, NULL,
    dd8e7b
                                 XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
    dd8e7b
                                 pwdCallbackCtx);
    dd8e7b
    @@ -274,7 +274,7 @@ xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
    dd8e7b
             pKey = d2i_PrivateKey_bio(bio, NULL);
    dd8e7b
             if(pKey == NULL) {
    dd8e7b
                 /* go to start of the file and try to read public key */
    dd8e7b
    -            BIO_reset(bio);
    dd8e7b
    +            (void)BIO_reset(bio);
    dd8e7b
                 pKey = d2i_PUBKEY_bio(bio, NULL);
    dd8e7b
                 if(pKey == NULL) {
    dd8e7b
                     xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    diff --git a/src/openssl/digests.c b/src/openssl/digests.c
    dd8e7b
    index fa26fa6..b103035 100644
    dd8e7b
    --- a/src/openssl/digests.c
    dd8e7b
    +++ b/src/openssl/digests.c
    dd8e7b
    @@ -174,15 +174,14 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
    dd8e7b
     #ifndef XMLSEC_NO_GOST
    dd8e7b
         if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_94Id)) {
    dd8e7b
             ctx->digest = EVP_get_digestbyname("md_gost94");
    dd8e7b
    -				if (!ctx->digest)
    dd8e7b
    -				{
    dd8e7b
    -        xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    -                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
    dd8e7b
    -                    NULL,
    dd8e7b
    -                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
    dd8e7b
    -                    XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    -        return(-1);
    dd8e7b
    -				}
    dd8e7b
    +		if (!ctx->digest) {
    dd8e7b
    +			xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +					xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
    dd8e7b
    +					NULL,
    dd8e7b
    +					XMLSEC_ERRORS_R_INVALID_TRANSFORM,
    dd8e7b
    +					XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    +			return(-1);
    dd8e7b
    +		}
    dd8e7b
         } else
    dd8e7b
     #endif /* XMLSEC_NO_GOST*/
    dd8e7b
     
    dd8e7b
    diff --git a/src/openssl/evp.c b/src/openssl/evp.c
    dd8e7b
    index e042f26..464a5a3 100644
    dd8e7b
    --- a/src/openssl/evp.c
    dd8e7b
    +++ b/src/openssl/evp.c
    dd8e7b
    @@ -1060,8 +1060,8 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataEcdsaKlass = {
    dd8e7b
         NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
    dd8e7b
     
    dd8e7b
         /* read/write */
    dd8e7b
    -    NULL,           				/* xmlSecKeyDataXmlReadMethod xmlRead; */
    dd8e7b
    -    NULL,           				/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
    dd8e7b
    +    NULL,                                       /* xmlSecKeyDataXmlReadMethod xmlRead; */
    dd8e7b
    +    NULL,                                       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
    dd8e7b
         NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
    dd8e7b
         NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
    dd8e7b
     
    dd8e7b
    @@ -1887,17 +1887,17 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGost2001Klass = {
    dd8e7b
         /* get info */
    dd8e7b
         xmlSecOpenSSLKeyDataGost2001GetType,       /* xmlSecKeyDataGetTypeMethod getType; */
    dd8e7b
         xmlSecOpenSSLKeyDataGost2001GetSize,       /* xmlSecKeyDataGetSizeMethod getSize; */
    dd8e7b
    -    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
    dd8e7b
    +    NULL,                                      /* xmlSecKeyDataGetIdentifier getIdentifier; */
    dd8e7b
     
    dd8e7b
         /* read/write */
    dd8e7b
    -    NULL,       /* xmlSecKeyDataXmlReadMethod xmlRead; */
    dd8e7b
    -    NULL,       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
    dd8e7b
    -    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
    dd8e7b
    -    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
    dd8e7b
    +    NULL,                                      /* xmlSecKeyDataXmlReadMethod xmlRead; */
    dd8e7b
    +    NULL,                                      /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
    dd8e7b
    +    NULL,                                      /* xmlSecKeyDataBinReadMethod binRead; */
    dd8e7b
    +    NULL,                                      /* xmlSecKeyDataBinWriteMethod binWrite; */
    dd8e7b
     
    dd8e7b
         /* debug */
    dd8e7b
         xmlSecOpenSSLKeyDataGost2001DebugDump,     /* xmlSecKeyDataDebugDumpMethod debugDump; */
    dd8e7b
    -    xmlSecOpenSSLKeyDataGost2001DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
    dd8e7b
    +    xmlSecOpenSSLKeyDataGost2001DebugXmlDump,  /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
    dd8e7b
     
    dd8e7b
         /* reserved for the future */
    dd8e7b
         NULL,                               /* void* reserved0; */
    dd8e7b
    @@ -1941,9 +1941,9 @@ xmlSecOpenSSLKeyDataGost2001Finalize(xmlSecKeyDataPtr data) {
    dd8e7b
     
    dd8e7b
     static xmlSecKeyDataType
    dd8e7b
     xmlSecOpenSSLKeyDataGost2001GetType(xmlSecKeyDataPtr data) {
    dd8e7b
    -	/* Now I don't know how to find whether we have both private and public key 
    dd8e7b
    -	or the public only*/
    dd8e7b
    -	return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
    dd8e7b
    +    /* Now I don't know how to find whether we have both private and public key 
    dd8e7b
    +    or the public only*/
    dd8e7b
    +    return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
    dd8e7b
     }
    dd8e7b
     
    dd8e7b
     static xmlSecSize
    dd8e7b
    diff --git a/src/openssl/kt_rsa.c b/src/openssl/kt_rsa.c
    dd8e7b
    index 1cf1aba..8c022d5 100644
    dd8e7b
    --- a/src/openssl/kt_rsa.c
    dd8e7b
    +++ b/src/openssl/kt_rsa.c
    dd8e7b
    @@ -845,7 +845,12 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
    dd8e7b
             }
    dd8e7b
             outSize = ret;
    dd8e7b
         } else {
    dd8e7b
    -        xmlSecAssert2("we could not be here" == NULL, -1);
    dd8e7b
    +        xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
    dd8e7b
    +                    "",
    dd8e7b
    +                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
    +                    "Unexpected trasnform operation: %d; paramsSize: %d",
    dd8e7b
    +                    (int)transform->operation, (int)paramsSize);
    dd8e7b
             return(-1);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    diff --git a/src/openssl/signatures.c b/src/openssl/signatures.c
    dd8e7b
    index 7e3dbc7..6751ba0 100644
    dd8e7b
    --- a/src/openssl/signatures.c
    dd8e7b
    +++ b/src/openssl/signatures.c
    dd8e7b
    @@ -345,15 +345,14 @@ xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
    dd8e7b
         if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
    dd8e7b
             ctx->keyId          = xmlSecOpenSSLKeyDataGost2001Id;
    dd8e7b
             ctx->digest = EVP_get_digestbyname("md_gost94");
    dd8e7b
    -				if (!ctx->digest)
    dd8e7b
    -				{
    dd8e7b
    -        xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +        if (!ctx->digest) {
    dd8e7b
    +        	xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
                         xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_INVALID_TRANSFORM,
    dd8e7b
                         XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    -        return(-1);
    dd8e7b
    -				}
    dd8e7b
    +        	return(-1);
    dd8e7b
    +        }
    dd8e7b
         } else
    dd8e7b
     #endif /* XMLSEC_NO_GOST*/
    dd8e7b
     
    dd8e7b
    diff --git a/src/openssl/x509.c b/src/openssl/x509.c
    dd8e7b
    index 459a312..11f4571 100644
    dd8e7b
    --- a/src/openssl/x509.c
    dd8e7b
    +++ b/src/openssl/x509.c
    dd8e7b
    @@ -1941,7 +1941,7 @@ xmlSecOpenSSLX509CertBase64DerWrite(X509* cert, int base64LineWrap) {
    dd8e7b
     
    dd8e7b
         /* todo: add error checks */
    dd8e7b
         i2d_X509_bio(mem, cert);
    dd8e7b
    -    BIO_flush(mem);
    dd8e7b
    +    (void)BIO_flush(mem);
    dd8e7b
     
    dd8e7b
         size = BIO_get_mem_data(mem, &p);
    dd8e7b
         if((size <= 0) || (p == NULL)){
    dd8e7b
    @@ -2055,7 +2055,7 @@ xmlSecOpenSSLX509CrlBase64DerWrite(X509_CRL* crl, int base64LineWrap) {
    dd8e7b
     
    dd8e7b
         /* todo: add error checks */
    dd8e7b
         i2d_X509_CRL_bio(mem, crl);
    dd8e7b
    -    BIO_flush(mem);
    dd8e7b
    +    (void)BIO_flush(mem);
    dd8e7b
     
    dd8e7b
         size = BIO_get_mem_data(mem, &p);
    dd8e7b
         if((size <= 0) || (p == NULL)){
    dd8e7b
    @@ -2111,7 +2111,7 @@ xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    -    BIO_flush(mem); /* should call flush ? */
    dd8e7b
    +    (void)BIO_flush(mem); /* should call flush ? */
    dd8e7b
     
    dd8e7b
         size = BIO_pending(mem);
    dd8e7b
         res = xmlMalloc(size + 1);
    dd8e7b
    diff --git a/src/openssl/x509vfy.c b/src/openssl/x509vfy.c
    dd8e7b
    index ca5a462..370694d 100644
    dd8e7b
    --- a/src/openssl/x509vfy.c
    dd8e7b
    +++ b/src/openssl/x509vfy.c
    dd8e7b
    @@ -178,7 +178,7 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509*
    dd8e7b
         X509 * cert;
    dd8e7b
         X509 * err_cert = NULL;
    dd8e7b
         char buf[256];
    dd8e7b
    -    int err = 0, depth;
    dd8e7b
    +    int err = 0;
    dd8e7b
         int i;
    dd8e7b
         int ret;
    dd8e7b
     
    dd8e7b
    @@ -287,49 +287,43 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509*
    dd8e7b
             if(xmlSecOpenSSLX509FindNextChainCert(certs2, cert) == NULL) {
    dd8e7b
                 X509_STORE_CTX xsc;
    dd8e7b
     
    dd8e7b
    -#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
    dd8e7b
    -            X509_VERIFY_PARAM * vpm = NULL;
    dd8e7b
    -            unsigned long vpm_flags = 0;
    dd8e7b
    -
    dd8e7b
    -            vpm = X509_VERIFY_PARAM_new();
    dd8e7b
    -            if(vpm == NULL) {
    dd8e7b
    -                xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    -                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
    dd8e7b
    -                            "X509_VERIFY_PARAM_new",
    dd8e7b
    -                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
    dd8e7b
    -                            XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    -                goto done;
    dd8e7b
    -            }
    dd8e7b
    -            vpm_flags = vpm->flags;
    dd8e7b
    -/*
    dd8e7b
    -            vpm_flags &= (~X509_V_FLAG_X509_STRICT);
    dd8e7b
    -*/
    dd8e7b
    -            vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
    dd8e7b
    -
    dd8e7b
    -            X509_VERIFY_PARAM_set_depth(vpm, 9);
    dd8e7b
    -            X509_VERIFY_PARAM_set_flags(vpm, vpm_flags);
    dd8e7b
    -#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
    dd8e7b
    -
    dd8e7b
    -
    dd8e7b
                 X509_STORE_CTX_init (&xsc, ctx->xst, cert, certs2);
    dd8e7b
    -
    dd8e7b
                 if(keyInfoCtx->certsVerificationTime > 0) {
    dd8e7b
    -#if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
    dd8e7b
    -                vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
    dd8e7b
    -                X509_VERIFY_PARAM_set_time(vpm, keyInfoCtx->certsVerificationTime);
    dd8e7b
    -#endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
    dd8e7b
                     X509_STORE_CTX_set_time(&xsc, 0, keyInfoCtx->certsVerificationTime);
    dd8e7b
                 }
    dd8e7b
     
    dd8e7b
     #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
    dd8e7b
    -            X509_STORE_CTX_set0_param(&xsc, vpm);
    dd8e7b
    +            {
    dd8e7b
    +                X509_VERIFY_PARAM * vpm = NULL;
    dd8e7b
    +                unsigned long vpm_flags = 0;
    dd8e7b
    +
    dd8e7b
    +                vpm = X509_VERIFY_PARAM_new();
    dd8e7b
    +                if(vpm == NULL) {
    dd8e7b
    +                    xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +                                xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
    dd8e7b
    +                                "X509_VERIFY_PARAM_new",
    dd8e7b
    +                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
    dd8e7b
    +                                XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    +                    goto done;
    dd8e7b
    +                }
    dd8e7b
    +                vpm_flags = vpm->flags;
    dd8e7b
    +                vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
    dd8e7b
    +
    dd8e7b
    +                if(keyInfoCtx->certsVerificationTime > 0) {
    dd8e7b
    +                    vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
    dd8e7b
    +                    X509_VERIFY_PARAM_set_time(vpm, keyInfoCtx->certsVerificationTime);
    dd8e7b
    +                }
    dd8e7b
    +
    dd8e7b
    +                X509_VERIFY_PARAM_set_depth(vpm, 9);
    dd8e7b
    +                X509_VERIFY_PARAM_set_flags(vpm, vpm_flags);
    dd8e7b
    +                X509_STORE_CTX_set0_param(&xsc, vpm);
    dd8e7b
    +            }
    dd8e7b
     #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
    dd8e7b
     
    dd8e7b
     
    dd8e7b
                 ret         = X509_verify_cert(&xsc);
    dd8e7b
                 err_cert    = X509_STORE_CTX_get_current_cert(&xsc);
    dd8e7b
                 err         = X509_STORE_CTX_get_error(&xsc);
    dd8e7b
    -            depth       = X509_STORE_CTX_get_error_depth(&xsc);
    dd8e7b
     
    dd8e7b
                 X509_STORE_CTX_cleanup (&xsc);
    dd8e7b
     
    dd8e7b
    diff --git a/src/parser.c b/src/parser.c
    dd8e7b
    index 990ff98..dd902d4 100644
    dd8e7b
    --- a/src/parser.c
    dd8e7b
    +++ b/src/parser.c
    dd8e7b
    @@ -159,7 +159,7 @@ xmlSecParserPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
    dd8e7b
             /* required for c14n! */
    dd8e7b
             ctx->parserCtx->loadsubset      = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
    dd8e7b
             ctx->parserCtx->replaceEntities = 1;
    dd8e7b
    -	ctx->parserCtx->options         = XML_PARSE_NONET;
    dd8e7b
    +        ctx->parserCtx->options         = XML_PARSE_NONET;
    dd8e7b
     
    dd8e7b
             transform->status = xmlSecTransformStatusWorking;
    dd8e7b
         } else if(transform->status == xmlSecTransformStatusFinished) {
    dd8e7b
    @@ -317,7 +317,7 @@ xmlSecParserPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
         ret = inputPush(ctxt, input);
    dd8e7b
    -    if(input == NULL) {
    dd8e7b
    +    if(ret < 0) {
    dd8e7b
             xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
                         xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
    dd8e7b
                         "inputPush",
    dd8e7b
    diff --git a/src/transforms.c b/src/transforms.c
    dd8e7b
    index 8a2ded2..d384a0e 100644
    dd8e7b
    --- a/src/transforms.c
    dd8e7b
    +++ b/src/transforms.c
    dd8e7b
    @@ -355,7 +355,7 @@ xmlSecTransformCtxCreate(void) {
    dd8e7b
                         NULL,
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
    -                    "size=%d", sizeof(xmlSecTransformCtx));
    dd8e7b
    +                    "size=%d", (int)sizeof(xmlSecTransformCtx));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -876,7 +876,7 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
    dd8e7b
                         NULL,
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_STRDUP_FAILED,
    dd8e7b
    -                    "size=%d", xptr - uri);
    dd8e7b
    +                    "size=%d", (int)(xptr - uri));
    dd8e7b
             return(-1);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -932,6 +932,9 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
    dd8e7b
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
                             "transform=%s",
    dd8e7b
                             xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPointerId)));
    dd8e7b
    +            if(buf != NULL) {
    dd8e7b
    +                xmlFree(buf);
    dd8e7b
    +            }
    dd8e7b
                 return(-1);
    dd8e7b
             }
    dd8e7b
     
    dd8e7b
    @@ -965,6 +968,9 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
    dd8e7b
                             XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
                             "transform=%s",
    dd8e7b
                             xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformVisa3DHackId)));
    dd8e7b
    +            if(buf != NULL) {
    dd8e7b
    +                xmlFree(buf);
    dd8e7b
    +            }
    dd8e7b
                 return(-1);
    dd8e7b
             }
    dd8e7b
     
    dd8e7b
    @@ -2810,7 +2816,7 @@ xmlSecTransformIOBufferCreate(xmlSecTransformIOBufferMode mode, xmlSecTransformP
    dd8e7b
                         NULL,
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
    -                    "size=%d", sizeof(xmlSecTransformIOBuffer));
    dd8e7b
    +                    "size=%d", (int)sizeof(xmlSecTransformIOBuffer));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(buffer, 0, sizeof(xmlSecTransformIOBuffer));
    dd8e7b
    diff --git a/src/xmldsig.c b/src/xmldsig.c
    dd8e7b
    index b08b8b1..10ba03f 100644
    dd8e7b
    --- a/src/xmldsig.c
    dd8e7b
    +++ b/src/xmldsig.c
    dd8e7b
    @@ -73,7 +73,7 @@ xmlSecDSigCtxCreate(xmlSecKeysMngrPtr keysMngr) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecDSigCtx)=%d",
    dd8e7b
    -                    sizeof(xmlSecDSigCtx));
    dd8e7b
    +                    (int)sizeof(xmlSecDSigCtx));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -160,10 +160,26 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
         /* references lists from SignedInfo and Manifest elements */
    dd8e7b
    -    xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences),
    dd8e7b
    -                            xmlSecDSigReferenceCtxListId);
    dd8e7b
    -    xmlSecPtrListInitialize(&(dsigCtx->manifestReferences),
    dd8e7b
    -                            xmlSecDSigReferenceCtxListId);
    dd8e7b
    +    ret = xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences),
    dd8e7b
    +                                  xmlSecDSigReferenceCtxListId);
    dd8e7b
    +    if(ret != 0) {
    dd8e7b
    +        xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +                    NULL,
    dd8e7b
    +                    "xmlSecPtrListInitialize",
    dd8e7b
    +                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
    +                    XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    +        return(ret);
    dd8e7b
    +    }
    dd8e7b
    +    ret = xmlSecPtrListInitialize(&(dsigCtx->manifestReferences),
    dd8e7b
    +                                  xmlSecDSigReferenceCtxListId);
    dd8e7b
    +    if(ret != 0) {
    dd8e7b
    +        xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +                    NULL,
    dd8e7b
    +                    "xmlSecPtrListInitialize",
    dd8e7b
    +                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
    dd8e7b
    +                    XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
    +        return(ret);
    dd8e7b
    +    }
    dd8e7b
     
    dd8e7b
         dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeAny;
    dd8e7b
         return(0);
    dd8e7b
    @@ -773,7 +789,9 @@ xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
    dd8e7b
         dsigCtx->signMethod->operation = dsigCtx->operation;
    dd8e7b
     
    dd8e7b
         /* calculate references */
    dd8e7b
    -    cur = xmlSecGetNextElementNode(cur->next);
    dd8e7b
    +    if(cur != NULL) {
    dd8e7b
    +        cur = xmlSecGetNextElementNode(cur->next);
    dd8e7b
    +    }
    dd8e7b
         while((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs))) {
    dd8e7b
             /* create reference */
    dd8e7b
             dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginSignedInfo);
    dd8e7b
    @@ -1118,9 +1136,9 @@ xmlSecDSigCtxDebugDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
    dd8e7b
            (xmlSecBufferGetData(dsigCtx->result) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "== Result - start buffer:\n");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(dsigCtx->result),
    dd8e7b
    -               xmlSecBufferGetSize(dsigCtx->result),
    dd8e7b
    -               1, output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(dsigCtx->result),
    dd8e7b
    +                     xmlSecBufferGetSize(dsigCtx->result),
    dd8e7b
    +                     1, output);
    dd8e7b
             fprintf(output, "\n== Result - end buffer\n");
    dd8e7b
         }
    dd8e7b
         if(((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) &&
    dd8e7b
    @@ -1128,9 +1146,9 @@ xmlSecDSigCtxDebugDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
    dd8e7b
            (xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "== PreSigned data - start buffer:\n");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    -               xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    -               1, output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    +                     xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    +                     1, output);
    dd8e7b
             fprintf(output, "\n== PreSigned data - end buffer\n");
    dd8e7b
         }
    dd8e7b
     }
    dd8e7b
    @@ -1207,9 +1225,9 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
    dd8e7b
            (xmlSecBufferGetData(dsigCtx->result) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "<Result>");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(dsigCtx->result),
    dd8e7b
    -               xmlSecBufferGetSize(dsigCtx->result),
    dd8e7b
    -               1, output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(dsigCtx->result),
    dd8e7b
    +                     xmlSecBufferGetSize(dsigCtx->result),
    dd8e7b
    +                     1, output);
    dd8e7b
             fprintf(output, "</Result>\n");
    dd8e7b
         }
    dd8e7b
         if(((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) &&
    dd8e7b
    @@ -1217,9 +1235,9 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
    dd8e7b
            (xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "<PreSignedData>");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    -               xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    -               1, output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    +                     xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
    dd8e7b
    +                     1, output);
    dd8e7b
             fprintf(output, "</PreSignedData>\n");
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -1260,7 +1278,7 @@ xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx, xmlSecDSigReferenceOrigin
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecDSigReferenceCtx)=%d",
    dd8e7b
    -                    sizeof(xmlSecDSigReferenceCtx));
    dd8e7b
    +                    (int)sizeof(xmlSecDSigReferenceCtx));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -1669,9 +1687,9 @@ xmlSecDSigReferenceCtxDebugDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* outp
    dd8e7b
            (xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "== PreDigest data - start buffer:\n");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    -               xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    -               1, output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    +                     xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    +                     1, output);
    dd8e7b
             fprintf(output, "\n== PreDigest data - end buffer\n");
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -1679,9 +1697,9 @@ xmlSecDSigReferenceCtxDebugDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* outp
    dd8e7b
            (xmlSecBufferGetData(dsigRefCtx->result) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "== Result - start buffer:\n");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(dsigRefCtx->result),
    dd8e7b
    -               xmlSecBufferGetSize(dsigRefCtx->result), 1,
    dd8e7b
    -               output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(dsigRefCtx->result),
    dd8e7b
    +                     xmlSecBufferGetSize(dsigRefCtx->result), 1,
    dd8e7b
    +                     output);
    dd8e7b
             fprintf(output, "\n== Result - end buffer\n");
    dd8e7b
         }
    dd8e7b
     }
    dd8e7b
    @@ -1742,9 +1760,9 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
    dd8e7b
            (xmlSecBufferGetData(dsigRefCtx->result) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "<Result>");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(dsigRefCtx->result),
    dd8e7b
    -               xmlSecBufferGetSize(dsigRefCtx->result), 1,
    dd8e7b
    -               output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(dsigRefCtx->result),
    dd8e7b
    +                     xmlSecBufferGetSize(dsigRefCtx->result), 1,
    dd8e7b
    +                     output);
    dd8e7b
             fprintf(output, "</Result>\n");
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -1752,9 +1770,9 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
    dd8e7b
            (xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)) != NULL)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "<PreDigestData>");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    -               xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    -               1, output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    +                     xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
    dd8e7b
    +                     1, output);
    dd8e7b
             fprintf(output, "</PreDigestData>\n");
    dd8e7b
         }
    dd8e7b
         if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
    dd8e7b
    diff --git a/src/xmlenc.c b/src/xmlenc.c
    dd8e7b
    index 44c9877..3d4e0d2 100644
    dd8e7b
    --- a/src/xmlenc.c
    dd8e7b
    +++ b/src/xmlenc.c
    dd8e7b
    @@ -65,7 +65,7 @@ xmlSecEncCtxCreate(xmlSecKeysMngrPtr keysMngr) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecEncCtx)=%d",
    dd8e7b
    -                    sizeof(xmlSecEncCtx));
    dd8e7b
    +                    (int)sizeof(xmlSecEncCtx));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    @@ -1218,9 +1218,9 @@ xmlSecEncCtxDebugDump(xmlSecEncCtxPtr encCtx, FILE* output) {
    dd8e7b
            (encCtx->resultBase64Encoded != 0)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "== Result - start buffer:\n");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(encCtx->result),
    dd8e7b
    -               xmlSecBufferGetSize(encCtx->result), 1,
    dd8e7b
    -               output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(encCtx->result),
    dd8e7b
    +                     xmlSecBufferGetSize(encCtx->result), 1,
    dd8e7b
    +                     output);
    dd8e7b
             fprintf(output, "\n== Result - end buffer\n");
    dd8e7b
         }
    dd8e7b
     }
    dd8e7b
    @@ -1311,9 +1311,9 @@ xmlSecEncCtxDebugXmlDump(xmlSecEncCtxPtr encCtx, FILE* output) {
    dd8e7b
            (encCtx->resultBase64Encoded != 0)) {
    dd8e7b
     
    dd8e7b
             fprintf(output, "<Result>");
    dd8e7b
    -        fwrite(xmlSecBufferGetData(encCtx->result),
    dd8e7b
    -               xmlSecBufferGetSize(encCtx->result), 1,
    dd8e7b
    -               output);
    dd8e7b
    +        (void)fwrite(xmlSecBufferGetData(encCtx->result),
    dd8e7b
    +                     xmlSecBufferGetSize(encCtx->result), 1,
    dd8e7b
    +                     output);
    dd8e7b
             fprintf(output, "</Result>\n");
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
    diff --git a/src/xpath.c b/src/xpath.c
    dd8e7b
    index e67631e..2c96192 100644
    dd8e7b
    --- a/src/xpath.c
    dd8e7b
    +++ b/src/xpath.c
    dd8e7b
    @@ -91,7 +91,7 @@ xmlSecXPathDataCreate(xmlSecXPathDataType type) {
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "sizeof(xmlSecXPathData)=%d",
    dd8e7b
    -                    sizeof(xmlSecXPathData));
    dd8e7b
    +                    (int)sizeof(xmlSecXPathData));
    dd8e7b
             return(NULL);
    dd8e7b
         }
    dd8e7b
         memset(data, 0, sizeof(xmlSecXPathData));
    dd8e7b
    @@ -285,17 +285,17 @@ xmlSecXPathDataExecute(xmlSecXPathDataPtr data, xmlDocPtr doc, xmlNodePtr hereNo
    dd8e7b
         to reserve NULL for our own purposes so we simply create an empty
    dd8e7b
         node set here */
    dd8e7b
         if(xpathObj->nodesetval == NULL) {
    dd8e7b
    -	xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
    dd8e7b
    -	if(xpathObj->nodesetval == NULL) {
    dd8e7b
    -		xmlXPathFreeObject(xpathObj);
    dd8e7b
    -		xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    -			NULL,
    dd8e7b
    +    	xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
    dd8e7b
    +    	if(xpathObj->nodesetval == NULL) {
    dd8e7b
    +    		xmlXPathFreeObject(xpathObj);
    dd8e7b
    +    		xmlSecError(XMLSEC_ERRORS_HERE,
    dd8e7b
    +        				NULL,
    dd8e7b
                             "xmlXPathNodeSetCreate",
    dd8e7b
                             XMLSEC_ERRORS_R_XML_FAILED,
    dd8e7b
                             "expr=%s",
    dd8e7b
                             xmlSecErrorsSafeString(data->expr));
    dd8e7b
    -            	return(NULL);
    dd8e7b
    -	}
    dd8e7b
    +    		return(NULL);
    dd8e7b
    +    	}
    dd8e7b
         }
    dd8e7b
     
    dd8e7b
         nodes = xmlSecNodeSetCreate(doc, xpathObj->nodesetval, data->nodeSetType);
    dd8e7b
    @@ -613,7 +613,7 @@ xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS
    dd8e7b
                         NULL,
    dd8e7b
                         XMLSEC_ERRORS_R_MALLOC_FAILED,
    dd8e7b
                         "size=%d",
    dd8e7b
    -                    xmlStrlen(data->expr) + strlen(xpathPattern) + 1);
    dd8e7b
    +                    (int)(xmlStrlen(data->expr) + strlen(xpathPattern) + 1));
    dd8e7b
             return(-1);
    dd8e7b
         }
    dd8e7b
         sprintf((char*)tmp, xpathPattern, (char*)data->expr);
    dd8e7b
    diff --git a/src/xslt.c b/src/xslt.c
    dd8e7b
    index 0353a25..0a010bd 100644
    dd8e7b
    --- a/src/xslt.c
    dd8e7b
    +++ b/src/xslt.c
    dd8e7b
    @@ -584,7 +584,7 @@ xmlSecXsApplyStylesheet(xmlSecXsltCtxPtr ctx, xmlDocPtr doc) {
    dd8e7b
                         XMLSEC_ERRORS_R_XSLT_FAILED,
    dd8e7b
                         XMLSEC_ERRORS_NO_MESSAGE);
    dd8e7b
             goto done;
    dd8e7b
    -    }	    
    dd8e7b
    +    }
    dd8e7b
     
    dd8e7b
         /* set security prefs  */
    dd8e7b
         ret = xsltSetCtxtSecurityPrefs(g_xslt_default_security_prefs, xsltCtx);