Splint, short for Secure Programming Lint, is a programming tool
Programming tool
A programming tool or software development tool is a program or application that software developers use to create, debug, maintain, or otherwise support other programs and applications...
Static program analysis is the analysis of computer software that is performed without actually executing programs built from that software In most cases the analysis is performed on some version of the source code and in the other cases some form of the object code...
C is a general-purpose computer programming language developed between 1969 and 1973 by Dennis Ritchie at the Bell Telephone Laboratories for use with the Unix operating system....
for security vulnerabilities and coding mistakes. Formerly called LCLint, it is a modern version of the Unix
Unix
Unix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...
In computer programming, lint was the name originally given to a particular program that flagged some suspicious and non-portable constructs in C language source code. The term is now applied generically to tools that flag suspicious usage in software written in any computer language...
tool.
Splint has the ability to interpret special annotations to the source code
Source code
In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...
, which gives it stronger checking than is possible just by looking at the source alone.
Free software, software libre or libre software is software that can be used, studied, and modified without restriction, and which can be copied and redistributed in modified or unmodified form either without restriction, or with restrictions that only ensure that further recipients can also do...
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
.
Recent development activity on Splint has slowed significantly. According to the CVS
Concurrent Versions System
The Concurrent Versions System , also known as the Concurrent Versioning System, is a client-server free software revision control system in the field of software development. Version control system software keeps track of all work and all changes in a set of files, and allows several developers ...
SourceForge Enterprise Edition is a collaborative revision control and software development management system. It provides a front-end to a range of software development lifecycle services and integrates with a number of free software / open source software applications .While originally itself...
, as of January 2009 the most recent change in the repository was in August 2008. The whole year 2008 had only two write accesses to the repository. The maintainer has said that development is stagnant and the project needs new volunteers.
On the Splint homepage, the latest release is version 3.1.2 on July 12, 2007.
Example
include
int main
{
char c;
while (c != 'x');
{
c = getchar;
if (c = 'x')
return 0;
switch (c) {
case '\n':
case '\r':
printf("Newline\n");
default:
printf("%c",c);
}
}
return 0;
}
Splint's output:
Variable c used before definition
Suspected infinite loop. No value used in loop test (c) is modified by test or loop body.
Assignment of int to char: c = getchar
Test expression for if is assignment expression: c = 'x'
Test expression for if not boolean, type char: c = 'x'
Fall through case (no preceding break)
Fixed source:
include
int main
{
char c = (char) 0; // Added an initial assignment definition.
while (c != 'x') {
c = (char) getchar; // Type-cast to char.
if (c 'x') // Fixed the assignment error to make it a comparison operator.
return 0;
switch (c) {
case '\n':
case '\r':
printf("Newline\n");
break; // Added break statement to prevent fall-through.
default:
printf("%c",c);
break; //Added break statement to default catch, out of good practice.
}
}
return 0;
}
In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety....
A memory debugger is a programming tool for finding memory leaks and buffer overflows. These are due to bugs related to the allocation and deallocation of dynamic memory. Programs written in languages that have garbage collection, such as managed code, might also need memory debuggers, e.g...
Software testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software...
