splint
tool for statically checking C programs for bugs
Install
- All systems
-
curl cmd.cat/splint.sh
- Debian
-
apt-get install splint - Ubuntu
-
apt-get install splint - Arch Linux
-
pacman -S splint - Kali Linux
-
apt-get install splint - Fedora
-
dnf install splint - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install splint - OS X
-
brew install splint - Raspbian
-
apt-get install splint - Dockerfile
- dockerfile.run/splint
splint
tool for statically checking C programs for bugs
splint is an annotation-assisted lightweight static checker. It is a tool for statically checking C programs for security vulnerabilities and coding mistakes. If additional effort is invested in adding annotations to programs, splint can perform stronger checking. splint does many of the traditional lint checks including unused declarations, type inconsistencies, use before definition, unreachable code, ignored return values, execution paths with no return, likely infinite loops, and fall through cases. Problems detected by Splint include: * Dereferencing a possibly null pointer * Using or returning storage that is undefined or not properly defined * Type mismatches, with greater precision and flexibility than by C compilers * Memory management errors like use of dangling references and memory leaks * Inconsistent (with specified interface) global variable modification or use * Problematic control flow such as likely infinite loops etc. * Buffer overflow vulnerabilities * Dangerous macro implementations or invocations * Violations of customized naming conventions