Splint 3.1.1 reviewDownload
Splint is a tool for statically checking C programs for security vulnerabilities and programming mistakes. Splint does many of th
Splint is a tool for statically checking C programs for security vulnerabilities and programming mistakes.
Splint does many of the traditional lint checks including unused declarations, type inconsistencies, use before definition, unreachable code, ignored return values, execution paths with no return, likely infinite loops, and fall through cases.
More powerful checks are made possible by additional information given in source code annotations. Annotations are stylized comments that document assumptions about functions, variables, parameters and types.
In addition to the checks specifically enabled by annotations, many of the traditional lint checks are improved by exploiting this additional information.
As more effort is put into annotating programs, better checking results. A representational effort-benefit curve for using Splint is shown in Figure 1.
Splint is designed to be flexible and allow programmers to select appropriate points on the effort-benefit curve for particular projects.
As different checks are turned on and more information is given in code annotations the number of bugs that can be detected increases dramatically.
Problems detected by Splint include:
Dereferencing a possibly null pointer
Using possibly undefined storage or returning storage that is not properly defined
Type mismatches, with greater precision and flexibility than provided by C compilers
Violations of information hiding
Memory management errors including uses of dangling references and memory leaks
Modifications and global variable uses that are inconsistent with specified interfaces
Problematic control flow such as likely infinite loops, fall through cases or incomplete switches, and suspicious statements
Buffer overflow vulnerabilities
Dangerous macro implementations or invocations
Violations of customized naming conventions.
Splint 3.1.1 search tags