splint

tool for statically checking C programs for bugs

Install

All systems
curl cmd.cat/splint.sh
Debian Debian
apt-get install splint
Ubuntu
apt-get install splint
Arch Arch Linux
pacman -S splint
image/svg+xml Kali Linux
apt-get install splint
Fedora
dnf install splint
OS X
brew install splint
Raspbian
apt-get install splint

splint

tool for statically checking C programs for bugs

splint is an annotation-assisted lightweight static checker. It is a tool for statically checking C programs for security vulnerabilities and coding mistakes. If additional effort is invested in adding annotations to programs, splint can perform stronger checking. splint does many of the traditional lint checks including unused declarations, type inconsistencies, use before definition, unreachable code, ignored return values, execution paths with no return, likely infinite loops, and fall through cases. Problems detected by Splint include: * Dereferencing a possibly null pointer * Using or returning storage that is undefined or not properly defined * Type mismatches, with greater precision and flexibility than by C compilers * Memory management errors like use of dangling references and memory leaks * Inconsistent (with specified interface) global variable modification or use * Problematic control flow such as likely infinite loops etc. * Buffer overflow vulnerabilities * Dangerous macro implementations or invocations * Violations of customized naming conventions