8 files changed, 13 insertions, 9 deletions

diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in
index 1f7b563c4..fca86be4d 100644
--- a/src/firejail/Makefile.in
+++ b/src/firejail/Makefile.in
@@ -12,7 +12,7 @@ H_FILE_LIST       = $(wildcard *.[h])
 C_FILE_LIST       = $(wildcard *.c)
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(PREFIX)"' $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_BIND) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb -W -Wall -Werror -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(PREFIX)"' $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_BIND) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST)
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 38946c8d9..428ea0819 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -199,7 +199,7 @@ static void globbing(OPERATION op, const char *fname, const char *emptydir, cons
                 glob_t globbuf;
                 globbuf.gl_offs = 0;
                 glob(fname, GLOB_DOOFFS, NULL, &globbuf);
-                int i;
+                unsigned int i;
                 for (i = 0; i < globbuf.gl_pathc; i++) {
                         assert(globbuf.gl_pathv[i]);
                         disable_file(op, globbuf.gl_pathv[i], emptydir, emptyfile);
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 3c7a8401e..14a5d9d47 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -175,7 +175,7 @@ static inline Bridge *last_bridge_configured(void) {
 static int read_pid(char *str, pid_t *pid) {
         char *endptr;
         errno = 0;
-        pid_t pidtmp = strtol(str, &endptr, 10);
+        long int pidtmp = strtol(str, &endptr, 10);
         if ((errno == ERANGE && (pidtmp == LONG_MAX || pidtmp == LONG_MIN))
                 || (errno != 0 && pidtmp == 0)) {
                 return 1;
@@ -183,7 +183,7 @@ static int read_pid(char *str, pid_t *pid) {
         if (endptr == str) {
                 return 1;
         }
-        *pid = pidtmp;
+        *pid = (pid_t)pidtmp;
         return 0;
 }
 
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c
index fd8a9b2f3..da13d8092 100644
--- a/src/firejail/netfilter.c
+++ b/src/firejail/netfilter.c
@@ -79,7 +79,7 @@ void netfilter(const char *fname) {
                 }
 
                 size_t sz = fread(filter, 1, s.st_size, fp);
-                if (sz != s.st_size) {
+                if ((off_t)sz != s.st_size) {
                         fprintf(stderr, "Error: cannot read network filter file\n");
                         exit(1);
                 }
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 39b0710cb..e9a2e55a3 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -69,7 +69,7 @@ static void check_file_name(char *ptr, int lineno) {
 
         int len = strlen(ptr);
         // file globbing ('*') is allowed
-        if (strcspn(ptr, "\\&!?\"'<>%^(){}[];,") != len) {
+        if (strcspn(ptr, "\\&!?\"'<>%^(){}[];,") != (size_t)len) {
                 if (lineno == 0)
                         fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
                 else
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 2cdc67d1c..a97b3e77b 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -130,6 +130,9 @@ static void chk_chroot(void) {
 }
 
 int sandbox(void* sandbox_arg) {
+        // Get rid of unused parameter warning
+        (void)sandbox_arg;
+
         pid_t child_pid = getpid();
         if (arg_debug)
                 printf("Initializing child process\n"); 
diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c
index d00a335c6..c1243cd42 100644
--- a/src/firejail/seccomp.c
+++ b/src/firejail/seccomp.c
@@ -337,7 +337,7 @@ static void write_seccomp_file(void) {
                 printf("Save seccomp filter, size %lu bytes\n", sfilter_index * sizeof(struct sock_filter));
         errno = 0;
         ssize_t sz = write(fd, sfilter, sfilter_index * sizeof(struct sock_filter));
-        if (sz != (sfilter_index * sizeof(struct sock_filter))) {
+        if (sz != (ssize_t)(sfilter_index * sizeof(struct sock_filter))) {
                 fprintf(stderr, "Error: cannot save seccomp filter\n");
                 exit(1);
         }
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 95409129a..29eb101fb 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -391,7 +391,8 @@ void extract_command_name(const char *str) {
 
 
 void update_map(char *mapping, char *map_file) {
-        int fd, j;
+        int fd;
+        size_t j;
         size_t map_len;                           /* Length of 'mapping' */
 
         /* Replace commas in mapping string with newlines */
@@ -407,7 +408,7 @@ void update_map(char *mapping, char *map_file) {
                 exit(EXIT_FAILURE);
         }
 
-        if (write(fd, mapping, map_len) != map_len) {
+        if (write(fd, mapping, map_len) != (ssize_t)map_len) {
                 fprintf(stderr, "Error: cannot write to %s: %s\n", map_file, strerror(errno));
                 exit(EXIT_FAILURE);
         }