1splint(1)                   General Commands Manual                  splint(1)
2
3
4
5 .
6
7

NAME

9       splint - A tool for statically checking C programs
10
11

SYNOPSIS

13       splint [options]
14
15

DESCRIPTION

17       Splint  is  a tool for statically checking C programs for security vul‐
18       nerabilities and common  programming  mistakes.  With  minimal  effort,
19       Splint can be used as a better lint(1).If additional effort is invested
20       adding annotations to programs, Splint can perform stronger checks than
21       can  be  done by any standard lint.  For full documentation, please see
22       http://www.splint.org.  This man page only covers a few of  the  avail‐
23       able options.
24
25

OPTIONS

27       -help Shows help
28
29
30       Initialization
31
32       These  flags  control directories and files used by Splint. They may be
33       used from the command line or in an options file, but may not  be  used
34       as  control  comments in the source code. Except where noted. they have
35       the same meaning preceded by - or +.
36
37
38       -tmpdir directory
39             Set directory for writing temp files. Default is /tmp/.
40
41
42       -I directory
43             Add directory to path searched for C include files. Note there is
44             no space after the I, to be consistent with C preprocessor flags.
45
46
47       -S directory
48             Add directory to path search for .lcl specification files.
49
50
51       -f file
52             Load  options  file <file>. If this flag is used from the command
53             line, the default ~/.splintrc file is not loaded. This  flag  may
54             be used in an options file to load in another options file.
55
56
57       -nof  Prevents  the default options files (./.splintrc and ~/.splintrc)
58             from being loaded. (Setting  -nof  overrides  +nof,  causing  the
59             options files to be loaded normally.)
60
61
62       -systemdirs directories
63             Set  directories  for  system  files (default is "/usr/include").
64             Separate       directories       with        colons        (e.g.,
65             "/usr/include:/usr/local/lib").  Flag settings propagate to files
66             in a system directory. If -systemdirerrors is set, no errors  are
67             reported for files in system directories.
68
69
70       Pre-processor
71
72       These  flags  are  used  to define or undefine pre-processor constants.
73       The -I<directory> flag is also passed to the C pre-processor.
74
75
76       -D initializer
77             Passed to the C pre-processor.
78
79
80       -U initializer
81             Passed to the C pre-processor
82
83
84       Libraries These flags control the creation and use of libraries.
85
86
87       -dump file
88             Save state in <file> for loading. The default extension  .lcd  is
89             added if <file> has no extension.
90
91
92       -load file
93             Load  state from <file> (created by -dump). The default extension
94             .lcd is added if <file> has no extension. Only one  library  file
95             may be loaded.
96
97             By  default,  the standard library is loaded if the -load flag is
98             not used to load a user library. If no user  library  is  loaded,
99             one  of  the  following  flags  may be used to select a different
100             standard library. Precede the flag by +  to  load  the  described
101             library (or prevent a library from being loaded using nolib). See
102             Apppendix F for information on the provided libraries.
103
104
105       -nolib
106             Do not load any library. This prevents the standard library  from
107             being loaded.
108
109
110       -ansi-lib
111             Use the ANSI standard library (selected by default).
112
113
114       -strict-lib
115             Use strict version of the ANSI standard library.
116
117
118       -posix-lib
119             Use the POSIX standard library.
120
121
122       -posix-strict-lib
123             Use the strict version of the POSIX standard library.
124
125
126       -1-lib
127             Use UNIX version of standard library.
128
129
130       -1-strict-lib
131             Use the strict version of the UNIX standard library.
132
133
134       Output
135
136       These  flags  control what additional information is printed by Splint.
137       Setting +<flag> causes the described information to be printed; setting
138       -<flag> prevents it. By default, all these flags are off.
139
140
141       -usestderr
142             Send error messages to standard error (instead of standard out).
143
144
145       -showsummary
146             Show  a  summary of all errors reported and suppressed. Counts of
147             suppressed errors are not necessarily  correct  since  turning  a
148             flag off may prevent some checking from being done to save compu‐
149             tation, and errors that are not reported  may  propagate  differ‐
150             ently from when they are reported.
151
152
153       -showscan
154             Show file names are they are processed.
155
156
157       -showalluses
158             Show list of uses of all external identifiers sorted by number of
159             uses.
160
161
162       -stats
163             Display number of lines processed and checking time.
164
165
166       -timedist
167             Display distribution of where checking time is spent.
168
169
170       -quiet
171             Suppress herald and error count. (If quiet  is  not  set,  Splint
172             prints  out  a  herald  with  version information before checking
173             begins, and  a  line  summarizing  the  total  number  of  errors
174             reported.)
175
176
177       -whichlib
178             Print out the standard library filename and creation information.
179
180
181       -limit number
182             At  most <number> similar errors are reported consecutively. Fur‐
183             ther errors are suppressed, and a message showing the  number  of
184             suppressed messages is printed.
185
186
187       Expected Errors
188
189       Normally,  Splint will expect to report no errors. The exit status will
190       be success (0) if no errors are reported, and failure if any errors are
191       reported.  Flags  can  be  used  to set the expected number of reported
192       errors.  Because of the provided error  suppression  mechanisms,  these
193       options  should  probably  not be used for final checking real programs
194       but may be useful in developing programs using make.
195
196
197       -expect <number>
198             Exactly <number> code errors are expected. Splint will exit  with
199             failure exit status unless <number> code errors are detected.
200
201
202       -Message Format
203             These  flags control how messages are printed. They may be set at
204             the command line, in options files, or locally in syntactic  com‐
205             ments. The linelen and limit flags may be preceded by + or - with
206             the same meaning; for the other flags, + turns  on  the  describe
207             printing  and  -  turns  it off. The box to the left of each flag
208             gives its default value.
209
210
211       -showcolumn
212             Show column number where error is found. Default: +
213
214
215       -showfunc
216             Show name of function (or macro) definition containing error. The
217             function  name  is printed once before the first message detected
218             in that function. Default: +
219
220
221       -showallconjs
222             Show all possible alternate types (see Section 8.2.2). Default: -
223
224
225       -paren-file-format
226             Use file(line) format in messages.
227
228
229       -hints
230             Provide hints describing an error and how a message may  be  sup‐
231             pressed  for  the  first  error  reported  in  each  error class.
232             Default: +
233
234
235       -forcehints
236             Provide hints for all errors  reported,  even  if  the  hint  has
237             already been displayed for the same error class. Default: -
238
239
240       -linelen number
241             Set length of maximum message line to <number> characters. Splint
242             will split messages longer than  <number>  characters  long  into
243             multiple lines. Default: 80
244
245
246       Mode Selector Flags
247
248       Mode  selects  flags  set the mode checking flags to predefined values.
249       They provide a quick coarse-grain way of controlling  what  classes  of
250       errors  are  reported.  Specific checking flags may be set after a mode
251       flag to override the mode settings. Mode flags  may  be  used  locally,
252       however the mode settings will override specific command line flag set‐
253       tings. A warning is produced if a mode flag is used after a mode check‐
254       ing flag has been set.
255
256       These  are  brief descriptions to give a general idea of what each mode
257       does. To see the complete flag settings in each mode, use splint  -help
258       modes. A mode flag has the same effect when used with either + or -.
259
260
261       -weak Weak  checking, intended for typical unannotated C code. No modi‐
262             fies checking, macro checking, rep exposure, or  clean  interface
263             checking  is  done. Return values of type int may be ignored. The
264             types bool, int, char and user-defined enum types are all equiva‐
265             lent. Old style declarations are unreported.
266
267
268       -standard
269             The default mode. All checking done by weak, plus modifies check‐
270             ing, global alias checking, use all  parameters,  using  released
271             storage,  ignored  return  values  or  any  type, macro checking,
272             unreachable code, infinite loops,  and  fall-through  cases.  The
273             types  bool,  int  and char are distinct.  Old style declarations
274             are reported.
275
276
277       -checks
278             Moderately strict checking. All checking done by  standard,  plus
279             must  modification  checking,  rep exposure, return alias, memory
280             management and complete interfaces.
281
282
283       -strict
284             Absurdly strict checking. All checking done by checks, plus modi‐
285             fications  and  global  variables  used in unspecified functions,
286             strict standard library, and strict typing of C operators. A spe‐
287             cial  reward  will  be presented to the first person to produce a
288             real program that produces no errors with strict checking.
289
290

AUTHOR

292       If you  need  to  get  in  contact  with  the  authors  send  email  to
293       ⟨mailto:info@splint.org⟩
294
295       or visit ⟨http://www.splint.org
296
297

SEE ALSO

299       lint(1)
300
301
302
303                   A tool for statically checking C programs         splint(1)
Impressum