2010-05-11 14:05:53 +02:00
|
|
|
splint is a tool for statically checking C programs for security vulnerabilities
|
|
|
|
and programming mistakes. Splint does many of the traditional lint checks
|
|
|
|
including unused declarations, type inconsistencies, use before definition,
|
|
|
|
unreachable code, ignored return values, execution paths with no return,
|
|
|
|
likely infinite loops, and fall through cases.
|
|
|
|
|
|
|
|
More powerful checks are made possible by additional information given
|
|
|
|
in source code annotations. Annotations are stylized comments that
|
|
|
|
document assumptions about functions, variables, parameters and types.
|
|
|
|
In addition to the checks specifically enabled by annotations, many
|
|
|
|
of the traditional lint checks are improved by exploiting this additional
|
|
|
|
information.
|
|
|
|
|
|
|
|
As more effort is put into annotating programs, better checking results.
|
|
|
|
Splint is designed to be flexible and allow programmers to select
|
|
|
|
appropriate points on the effort-benefit curve for particular projects.
|
|
|
|
As different checks are turned on and more information is given in code
|
|
|
|
annotations the number of bugs that can be detected increases dramatically.
|
2010-05-11 22:22:46 +02:00
|
|
|
|
2010-05-13 00:25:36 +02:00
|
|
|
If you want splint to be used as the system default lint, then do this
|
|
|
|
after installing splint:
|
|
|
|
cd /usr/bin ; ln -s splint lint
|
|
|
|
cd /usr/man/man1 ; ln -s splint.1.gz lint.1.gz
|