This article needs additional citations for verification. (March 2013) |
| Splint | |
|---|---|
| Developer | The Splint Developers |
| Stable release | 3.1.2
/ July 12, 2007 |
| Operating system | Cross-platform |
| Type | Static code analysis |
| License | GPL |
| Website | www |
| Repository | github |
Splint, short for Secure Programming Lint, is a programming tool for statically checking C programs for security vulnerabilities and coding mistakes. Formerly called LCLint, it is a modern version of the Unix lint tool.
Splint has the ability to interpret special annotations to the source code, which gives it stronger checking than is possible just by looking at the source alone. Splint is used by gpsd as part of an effort to design for zero defects.[1]
Splint is free software released under the terms of the GNU General Public License.
Main development activity on Splint stopped in 2010. According to the CVS at SourceForge, as of September 2012 the most recent change in the repository was in November 2010.[2] A Git repository at GitHub has more recent changes, starting in July 2019.[3]
Example
edit#include <stdio.h>
int main()
{
char c;
while (c != 'x');
{
c = getchar();
if (c = 'x')
return 0;
switch (c) {
case '\n':
case '\r':
printf("Newline\n");
default:
printf("%c",c);
}
}
return 0;
}
Splint's output:
Variable c used before definition Suspected infinite loop. No value used in loop test (c) is modified by test or loop body. Assignment of int to char: c = getchar() Test expression for if is assignment expression: c = 'x' Test expression for if not boolean, type char: c = 'x' Fall through case (no preceding break)
Fixed source:
#include <stdio.h>
int main()
{
int c = 0; // Added an initial assignment definition.
while (c != 'x') {
c = getchar(); // Corrected type of c to int
if (c == 'x') // Fixed the assignment error to make it a comparison operator.
return 0;
switch (c) {
case '\n':
case '\r':
printf("Newline\n");
break; // Added break statement to prevent fall-through.
default:
printf("%c",c);
break; //Added break statement to default catch, out of good practice.
}
}
return 0;
}
See also
edit
References
edit- ^ Raymond (2012). Brown, Amy; Wison, Greg (eds.). The Architecture of Open Source Applications, Volume II (Eric ed.). Lulu. ISBN 9781105571817.
- ^ "Splint project CVS statistics". Retrieved 2012-09-11.
- ^ "Splint project git history". GitHub. Retrieved 2020-09-16.
External links
edit
 | This programming-tool-related article is a stub. You can help Wikipedia by adding missing information. |
