Splint (programming tool)

Splint ( Secure Programming Lint ) is a software for static source code analysis of C programming Splint is an indirect development of Lint. Sapwood is free software released under the GNU General Public License.

Sapwood analyzed C source code and indicates probable programming error if, for example, typical constructs of the C programming language were used in an unusual way, which are probably the result of a confusion of similar operators or by forgetting a pair of parentheses. Additionally interpreted sapwood various annotations in C comments, so as to distinguish between intentional and accidental use of a construct, and only in the latter output an error warning.

Example

The following example of a faulty source code shows the operation of the cotter pin. The program was supposed to read in a loop one character from the input and output an appropriate message for each line break. The character " x " to exit the program. All other characters are output directly.

The program is, however, fraught with typical Schlampigkeitsfehlern when programming in C:

  • The variable C is read without being initialized beforehand.
  • After the while statement is a semicolon, which caused an infinite loop.
  • The allocation of getchar is an implicit type conversion from int instead of char.
  • The if condition contains an assignment instead of a comparison
  • In the switch construct lacking a break.

# include int main () {    char c;    while ( c = ' x'! );    {      c = getchar ();      if ( c = 'x') return 0;      switch (c )        {        case ' \ n':        case ' \ r':          printf (" new line \ n");        default:          printf (" % c ", c);        }    }    return 0; } During a typical C compiler like gcc warning only before the assignment in the if statement, place splint six suspicious codes ( the output was the clarity with explanatory comments abridged):

Variable c is used before definition    Suspected infinite loop. No value used in loop test ( c ) is    Assignment of int to char c = getchar ()    Test expression for if is assignment expression: c = ' x'    Test expression for if not boolean, type char c = ' x'    Case through case (no Preceding break ) In fact, the disputed points correspond in the source code with the programming errors:

  • The variable c is compared with ' x', although she was previously assigned a value. Thus, the further behavior of the program is undefined.
  • The return value of the function getchar is of type int, but is assigned to a variable of type char. Since the char type does not contain all possible values ​​of int, ambiguities may arise.
  • C allows assignments within expressions. But this is, as here, often unintentionally.
  • In a switch statement, each branch should be explicitly terminated with a break, otherwise the code of the next branch is executed with. In '\ n ' and '\ r' is not the intention, but in the default branch.

For comparison, the correct program, which is not disputed by splint:

# include   int main ( void) {    int c;      while ( c = getchar (), c! = EOF && c! = 'x')    {      switch (c )        {        case ' \ n':        case ' \ r':          printf (" new line \ n");          break;        default:          printf (" % c ", c);        }    }    return 0; } Web Links

  • Web presence of sapwood project
  • Free programming tool
  • Test Software
742171
de