splint ("secure programming lint") is a lint implementation, i.e. a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint.
Questions tagged [splint]
84 questions
0
votes
1 answer
How detect a buffer overflow with splint
I'm trying to use splint to detect some bug in my code. One of more critical point is the buffer overflow detection and seem that splint is not able to do that.
I've tried with a simple C-code
void test()
{
int i;
int a[10]
…
H2O
- 153
- 1
- 1
- 13
0
votes
1 answer
How to generate a splint log
I want generate, under Linux, a complete splint report file including also the date and the split tool version.
I tried with ">" to redirect the stdio split output to a file but inside the file I found only the split messages
To better explain, I…
H2O
- 153
- 1
- 1
- 13
0
votes
0 answers
Why won't Splint warn about "variable reassigned before used"?
Here's the code
int main(){
int a=1;
a=2;
a=3;
return a;
}
I checked the code with splint and it says "no warnings". Actually, a is reassigned 3 before the old value 2 is used. This may sign a potential defect.
What command-line…
ricyn
- 1
0
votes
0 answers
Splint - Parse errors due to compiler-specific keywords -__attribute__((weak))
Currently i'm having parse errors, due to compiler specific keywords and i can't figure out how to solve them.
Here is example: keyword __attribute__ have the parameter in double brackers ((weak)). I've tried -D trick to ignore the keyword, but it…
Laney
- 1
- 1
0
votes
0 answers
Splint Out of Range Error
I am using Splint 3.1.2, and I am getting Out of Range Error during Execution of Splint in My Code. My code has 2000 .C files, my execution is Stopping every time in some .c files, because of Out of Range Error. Can anyone Help me on this Issue ???.
Hitesh Kumar Tiwari
- 69
- 7
0
votes
1 answer
How can we use splint using cmake for large project
I am trying to use splint on moderately large project which uses cmake for build.
Project contains hundreds of source file scattered over large directory structure. I am not finding any info for using splint with cmake.
directory structure is…
Barney Stinson
- 3
- 3
0
votes
3 answers
Addressing splint warnings about functions "not used" while they are passed as parameters
On a program of me, the splint checker warns:
expat-test.c:23:1: Function exported but not used outside expat-test: start
A declaration is exported, but not used outside this module. Declaration can
use static qualifier. (Use -exportlocal to…
bortzmeyer
- 34,164
- 12
- 67
- 91
0
votes
2 answers
Splint barfs on __thread, which is part of C99
Running splint
matt@stanley:~/cpfs$ splint -paramuse +gnuextensions cpfs.c
Halts on this line:
__thread int cpfs_errno;
With a parse error:
cpfs.c:127:13: Parse Error: Non-function declaration: __thread :
int. (For help on parse…
Matt Joiner
- 112,946
- 110
- 377
- 526
0
votes
0 answers
splint large project (hundreds of files)
I'm using Splint for a moderately large project. All is fine, but we are now trying to up the level from "weak" to "checks". Because we are checking files one by one, Splint complains about undefined functions. I seem to remember Splint had the…
Toni Homedes i Saun
- 638
- 6
- 15
0
votes
1 answer
Splint : Cannot open file
When trying to run an analysis on my project with Splint via makefile I got this error message :
Cannot open file: ../splint_evaluationa/my_project/source/*.c
Finished checking --- no code processed
Here is my makefile:
SPLINT_FLAGS =-preproc \
…
Alma
- 31
- 1
- 10
0
votes
1 answer
How to insert Splint into Makefile?
I would like to configure my project in order to use Splint to analyse the different components.
How to add the command line into my Makefile, in a way it will ask if I want to run an analysis with Splint or just compile the program normally ?
Alma
- 31
- 1
- 10
0
votes
1 answer
Method to make IncludeDirs available to external tool
I'm currently trying to make splint available as an external tool in Visual Studio 2010.
It has problems with finding all includes for the file, since it seems that the INCLUDE variable is only set at build time and I haven't found any other…
Daniel R.
- 66
- 5
0
votes
1 answer
MySQL C API with Splint: Freeing fields and rows
I'm trying to use Splint with MySQL C API and have run in to some additional problems relating to freeing memory. In all the examples I can find about using the C API, the only freeing function that is called is mysql_free_result, but rows and…
Olle Härstedt
- 3,799
- 1
- 24
- 57
0
votes
1 answer
Splint and MySQL: Null storage passed as non-null param
I'm trying to use Splint with a short CGI script, but get this error:
Null storage passed as non-null param: mysql_init(NULL)
mysql_init is defined to return a new value if it's param is NULL, or store the result in the param if it's not. Yet, if I…
Olle Härstedt
- 3,799
- 1
- 24
- 57
0
votes
2 answers
C : Splint pointers related warnings. What does they mean?
The following code compiles and execute without any warning or error. However, when I use splint to analyze the code, it shows 4 warnings (shown below the code).
Most of the examples I have seen (with that kind of warnings), uses malloc and free.…
lepe
- 24,677
- 9
- 99
- 108