fix: resolve signed/unsigned mismatches and incomplete size_t propagation

Keep masking offset as signed int in msc_logging.c to prevent
negative pos from disabling sanitization via unsigned comparison.
Propagate size_t to loop indices, function signatures, and format
specifiers. Revert size_t where downstream consumers are all int.

Author: fzipi

apache2/msc_crypt.c

@@ -700,7 +700,7 @@ int do_hash_method(modsec_rec *msr, char *link, int type)   {
 int hash_response_body_links(modsec_rec *msr)   {
     int lsize = 0, fsize = 0, lcount = 0, fcount = 0, i;
     int isize = 0, icount = 0, frsize = 0, frcount = 0;
-    size_t bytes = 0;
+    int bytes = 0;
     xmlXPathContextPtr  xpathCtx = NULL;
     xmlXPathObjectPtr   xpathObj = NULL;
     xmlChar *content_option = NULL;

apache2/msc_logging.c

@@ -334,7 +334,7 @@ static void sanitize_request_line(modsec_rec *msr) {
                         arg_max = 1;
                         while((*pat != '\0')&&(j--)) {
                             if(arg_max > mparm->pad_2)  {
-                                size_t off = (strlen(mparm->value) - arg_max);
+                                int off = (int)strlen(mparm->value) - arg_max;
                                 int pos = (mparm->pad_1-1);
                                 if(off > pos)    {
                                     *pat = '*';
@@ -829,7 +829,7 @@ void sec_audit_logger_json(modsec_rec *msr) {
                             arg_max = 1;
                             while((*pat != '\0')&&(j--)) {
                                 if(arg_max > mparm->pad_2)  {
-                                    size_t off = strlen(mparm->value) - arg_max;
+                                    int off = (int)strlen(mparm->value) - arg_max;
                                     int pos = mparm->pad_1-1;
                                     if(off > pos)    {
                                         *pat = '*';
@@ -1086,7 +1086,7 @@ void sec_audit_logger_json(modsec_rec *msr) {
                                 arg_max = 1;
                                 while((*pat != '\0')&&(j--)) {
                                     if(arg_max > mparm->pad_2)  {
-                                        size_t off = strlen(mparm->value) - arg_max;
+                                        int off = (int)strlen(mparm->value) - arg_max;
                                         int pos = mparm->pad_1-1;
                                         if(off > pos)    {
                                             *pat = '*';
@@ -1686,7 +1686,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
                             arg_max = 1;
                             while((*pat != '\0')&&(j--)) {
                                 if(arg_max > mparm->pad_2)  {
-                                    size_t off = strlen(mparm->value) - arg_max;
+                                    int off = (int)strlen(mparm->value) - arg_max;
                                     int pos = mparm->pad_1-1;
                                     if(off > pos)    {
                                         *pat = '*';
@@ -1934,7 +1934,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
                                 arg_max = 1;
                                 while((*pat != '\0')&&(j--)) {
                                     if(arg_max > mparm->pad_2)  {
-                                        size_t off = strlen(mparm->value) - arg_max;
+                                        int off = (int)strlen(mparm->value) - arg_max;
                                         int pos = mparm->pad_1-1;
                                         if(off > pos)    {
                                             *pat = '*';

apache2/msc_multipart.c

@@ -22,7 +22,7 @@
 
 void validate_quotes(modsec_rec *msr, char *data, char quote)  {
     assert(msr != NULL);
-    int i;
+    size_t i;
     size_t len;
 
     if(msr->mpd == NULL)
@@ -43,7 +43,7 @@ void validate_quotes(modsec_rec *msr, char *data, char quote)  {
 
         if(data[i] == '\'') {
             if (msr->txcfg->debuglog_level >= 9) {
-                msr_log(msr, 9, "Multipart: Invalid quoting detected: %s length %d bytes",
+                msr_log(msr, 9, "Multipart: Invalid quoting detected: %s length %zu bytes",
                         log_escape_nq(msr->mp, data), len);
             }
             msr->mpd->flag_invalid_quoting = 1;

apache2/msc_util.c

@@ -277,9 +277,9 @@ unsigned char is_netmask_v6(char *ip_strv6) {
 char *parse_pm_content(const char *op_parm, size_t op_len, msre_rule *rule, char **error_msg)  {
     char *parm = NULL;
     char *content = NULL;
-    unsigned short int offset = 0;
+    size_t offset = 0;
     char converted = 0;
-    int i, x;
+    size_t i, x;
     unsigned char bin = 0, esc = 0, bin_offset = 0;
     unsigned char c = 0;
     unsigned char bin_parm[3] = { 0 };

apache2/re_operators.c

@@ -1362,7 +1362,7 @@ static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) {
     char *end = NULL;
     const char *rulefile_path;
     char *processed = NULL;
-    unsigned short int op_len;
+    size_t op_len;
     apr_status_t rc;
     apr_file_t *fd = NULL;
     ACMP *p;
@@ -1703,7 +1703,7 @@ static const char *gsb_reduce_char(apr_pool_t *pool, const char *domain) {
  * \retval 1 On Match
  * \retval 0 On No Match
  */
-static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned int match_length) {
+static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, size_t match_length) {
     assert(gsb != NULL);
     assert(msr != NULL);
     assert(match != NULL);

apache2/re_variables.c

@@ -2484,7 +2484,7 @@ static int var_full_request_generate(modsec_rec *msr, msre_var *var,
     char *full_request = NULL;
     int full_request_length = 0;
     int headers_length = 0;
-    size_t request_line_length = 0;
+    int request_line_length = 0;
 
     arr = apr_table_elts(msr->request_headers);
     headers_length = msc_headers_to_buffer(arr, NULL, 0);