Splint (programming tool)
This article may have been previously nominated for deletion: Wikipedia:Articles for deletion/Splint (programming tool) exists. It is proposed that this article be deleted. If you can address this concern by improving, copyediting, sourcing, renaming, or merging the page, please edit this page and do so. You may remove this message if you improve the article or otherwise object to deletion for any reason. Although not required, you are encouraged to explain why you object to the deletion, either in your edit summary or on the talk page. If this template is removed, do not replace it. This message has remained in place for seven days, so the article may be deleted without further notice. Find sources: "Splint" programming tool – news · newspapers · books · scholar · JSTOR Nominator: Please consider notifying the author/project: {{subst:proposed deletion notify|Splint (programming tool)|concern=}} ~~~~Timestamp: 20120514064841 06:48, 14 May 2012 (UTC) Administrators: delete |
 | The topic of this article may not meet Wikipedia's notability guidelines for products and services. (September 2010) |
 | This article needs additional citations for verification. (September 2010) |
| Developer(s) | The Splint Developers |
|---|---|
| Stable release | 3.1.2
/ July 12, 2007 |
| Repository | |
| Operating system | Cross-platform |
| Type | Static code analysis |
| License | GPL |
| Website | http://splint.org |
Splint, short for Secure Programming Lint, is a programming tool for statically checking C programs for security vulnerabilities and coding mistakes. Formerly called LCLint, it is a modern version of the Unix lint tool.
Splint has the ability to interpret special annotations to the source code, which gives it stronger checking than is possible just by looking at the source alone.
Splint is free software released under the terms of the GNU General Public License.
Recent development activity on Splint has slowed significantly. According to the CVS at SourceForge, as of January 2009 the most recent change in the repository was in August 2008. The whole year 2008 had only two write accesses to the repository.[1] The maintainer has said that development is stagnant and the project needs new volunteers.[2]
Example
#include <stdio.h>
int main()
{
char c;
while (c != 'x');
{
c = getchar();
if (c = 'x')
return 0;
switch (c) {
case '\n':
case '\r':
printf("Newline\n");
default:
printf("%c",c);
}
}
return 0;
}
Splint's output:
Variable c used before definition Suspected infinite loop. No value used in loop test (c) is modified by test or loop body. Assignment of int to char: c = getchar() Test expression for if is assignment expression: c = 'x' Test expression for if not boolean, type char: c = 'x' Fall through case (no preceding break)
Fixed source:
#include <stdio.h>
int main()
{
char c = (char) 0; // Added an initial assignment definition.
while (c != 'x') {
c = (char) getchar(); // Type-cast to char.
if (c == 'x') // Fixed the assignment error to make it a comparison operator.
return 0;
switch (c) {
case '\n':
case '\r':
printf("Newline\n");
break; // Added break statement to prevent fall-through.
default:
printf("%c",c);
break; //Added break statement to default catch, out of good practice.
}
}
return 0;
}
See also
References
- ^ "Splint project CVS statistics". Retrieved 2009-01-15.
- ^ "splint-discuss: Moving to Google Code".
External links
- Home page
- Publications about checking techniques
- SourceForge project page
- splint-discuss mailing list archive
 | This programming-tool-related article is a stub. You can help Wikipedia by expanding it. |