Splint (programming tool)

Splint (programming tool)

Infobox_Software
name = Splint


caption =
developer = [http://sourceforge.net/project/memberlist.php?group_id=34302 The Splint Developers]
latest_release_version = 3.1.2
latest_release_date = July 12, 2007
operating_system = Cross-platform
genre = Static code analysis
license = GPL
website = [http://splint.org/ splint.org]

Splint, short for Secure Programming Lint, is a programming tool for statically checking C programs for security vulnerabilities and coding mistakes. Formerly called LCLint, it is a modern version of the Unix lint tool.

Splint has the ability to interpret special annotations to the source code, which gives it stronger checking than is possible just by looking at the source alone.

Splint is free software released under the terms of the GNU General Public License.

[http://sourceforge.net/project/stats/detail.php?group_id=34302&ugn=splint&type=cvs&mode=60day According to] the CVS at SourceForge, as of December 2007 the most recent change in the repository was on 10 August 2007.

According to their homepage, the latest release is version 3.1.2 on July 12 2007.

However, the maintainer has [http://www.cs.virginia.edu/pipermail/splint-discuss/2007-July/000994.html said] that development is stagnant and the project needs new volunteers.

Example


#include int main (){ char c; while (c != 'x'); { c = getchar (); if (c = 'x') return 0; switch (c) { case ' ': case ' ': printf ("Newline "); default: printf ("%c",c); } } return 0;}

Splint's output:

Variable c used before definitionSuspected infinite loop. No value used in loop test (c) isAssignment of int to char: c = getchar()Test expression for if is assignment expression: c = 'x'Test expression for if not boolean, type char: c = 'x'Fall through case (no preceding break)

Fixed source:
#include

int main(void){ int c;

while (c = getchar(), c != EOF && c != 'x') { switch (c) { case ' ': case ' ': printf ("Newline "); break; default: printf ("%c",c); } } return 0;}

See also

*Buffer overflow
*Memory debugger
*Software testing
*List of tools for static code analysis

External links

* [http://splint.org/ Home page]
* [http://splint.org/pubs.html Publications about checking techniques]
* [http://sourceforge.net/projects/splint/ SourceForge project page]
* [http://www.cs.virginia.edu/pipermail/splint-discuss/ splint-discuss mailing list archive]


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • Splint — may refer to:*Splint (programming tool), a device for checking computer programs *Splint (medicine), a medical device for the immobilization of limbs or spine *Splints, an ailment of horses *Splint (orthodontic), a retainer built into teeth to… …   Wikipedia

  • List of tools for static code analysis — This is a list of significant tools for static code analysis.Historical products* Lint the original static code analyzer of C code.Open source or Noncommercial products .NET (C#, VB.NET and all .NET compatible languages) *… …   Wikipedia

  • Open source software development — is the process by which open source software (or similar software whose source code is publicly available) is developed. These are software products “available with its source code and under an open source license to study, change, and improve… …   Wikipedia

  • Memory debugger — A memory debugger is a programming tool for finding memory leaks and buffer overflows. These are due to bugs related to the allocation and deallocation of dynamic memory. Programs written in languages that have garbage collection, such as managed …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”