Splint (programming tool)
Splint ( Secure Programming Lint ) is a software for static source code analysis of C programming Splint is an indirect development of Lint. Sapwood is free software released under the GNU General Public License.
Sapwood analyzed C source code and indicates probable programming error if, for example, typical constructs of the C programming language were used in an unusual way, which are probably the result of a confusion of similar operators or by forgetting a pair of parentheses. Additionally interpreted sapwood various annotations in C comments, so as to distinguish between intentional and accidental use of a construct, and only in the latter output an error warning.
Example
The following example of a faulty source code shows the operation of the cotter pin. The program was supposed to read in a loop one character from the input and output an appropriate message for each line break. The character " x " to exit the program. All other characters are output directly.
The program is, however, fraught with typical Schlampigkeitsfehlern when programming in C:
- The variable C is read without being initialized beforehand.
- After the while statement is a semicolon, which caused an infinite loop.
- The allocation of getchar is an implicit type conversion from int instead of char.
- The if condition contains an assignment instead of a comparison
- In the switch construct lacking a break.
# include int main () { char c; while ( c = ' x'! ); { c = getchar (); if ( c = 'x') return 0; switch (c ) { case ' \ n': case ' \ r': printf (" new line \ n"); default: printf (" % c ", c); } } return 0; } During a typical C compiler like gcc warning only before the assignment in the if statement, place splint six suspicious codes ( the output was the clarity with explanatory comments abridged):
Variable c is used before definition Suspected infinite loop. No value used in loop test ( c ) is Assignment of int to char c = getchar () Test expression for if is assignment expression: c = ' x' Test expression for if not boolean, type char c = ' x' Case through case (no Preceding break ) In fact, the disputed points correspond in the source code with the programming errors:
- The variable c is compared with ' x', although she was previously assigned a value. Thus, the further behavior of the program is undefined.
- The return value of the function getchar is of type int, but is assigned to a variable of type char. Since the char type does not contain all possible values of int, ambiguities may arise.
- C allows assignments within expressions. But this is, as here, often unintentionally.
- In a switch statement, each branch should be explicitly terminated with a break, otherwise the code of the next branch is executed with. In '\ n ' and '\ r' is not the intention, but in the default branch.
For comparison, the correct program, which is not disputed by splint:
# include int main ( void) { int c; while ( c = getchar (), c! = EOF && c! = 'x') { switch (c ) { case ' \ n': case ' \ r': printf (" new line \ n"); break; default: printf (" % c ", c); } } return 0; } Web Links
- Web presence of sapwood project
- Free programming tool
- Test Software