. NAME splint - A tool for statically checking C programs SYNOPSIS splint [options] DESCRIPTION Splint is a tool for statically checking C programs for security vulnerabilities and common programming mistakes. With minimal effort, Splint can be used as a better lint(1).If additional effort is invested adding annotations to programs, Splint can perform stronger checks than can be done by any standard lint. For full documentation, please see http://www.splint.org. This man page only covers a few of the available options. OPTIONS -help Shows help Initialization These flags control directories and files used by Splint. They may be used from the command line or in an options file, but may not be used as control comments in the source code. Except where noted. they have the same meaning preceded by - or +. -tmpdir directory Set directory for writing temp files. Default is /tmp/. -I directory Add directory to path searched for C include files. Note there is no space after the I, to be consistent with C preprocessor flags. -S directory Add directory to path search for .lcl specification files. -f file Load options file <file>. If this flag is used from the command line, the default ~/.splintrc file is not loaded. This flag may be used in an options file to load in another options file. -nof Prevents the default options files (./.splintrc and ~/.splintrc) from being loaded. (Setting -nof overrides +nof, causing the options files to be loaded normally.) -systemdirs directories - 1 - Formatted: December 26, 2024 splint(1) splint(1) A tool for statically checking C programs Set directories for system files (default is "/usr/include"). Separate directories with colons (e.g., "/usr/include:/usr/local/lib"). Flag settings propagate to files in a system directory. If -systemdirerrors is set, no errors are reported for files in system directories. Pre-processor These flags are used to define or undefine pre-processor constants. The -I<directory> flag is also passed to the C pre-processor. -D initializer Passed to the C pre-processor. -U initializer Passed to the C pre-processor Libraries These flags control the creation and use of libraries. -dump file Save state in <file> for loading. The default extension .lcd is added if <file> has no extension. -load file Load state from <file> (created by -dump). The default extension .lcd is added if <file> has no extension. Only one library file may be loaded. By default, the standard library is loaded if the -load flag is not used to load a user library. If no user library is loaded, one of the following flags may be used to select a different standard library. Precede the flag by + to load the described library (or prevent a library from being loaded using nolib). See Apppendix F for information on the provided libraries. -nolib Do not load any library. This prevents the standard library from being loaded. -ansi-lib Use the ANSI standard library (selected by default). - 2 - Formatted: December 26, 2024 splint(1) splint(1) A tool for statically checking C programs -strict-lib Use strict version of the ANSI standard library. -posix-lib Use the POSIX standard library. -posix-strict-lib Use the strict version of the POSIX standard library. -1-lib Use UNIX version of standard library. -1-strict-lib Use the strict version of the UNIX standard library. Output These flags control what additional information is printed by Splint. Setting +<flag> causes the described information to be printed; setting -<flag> prevents it. By default, all these flags are off. -usestderr Send error messages to standard error (instead of standard out). -showsummary Show a summary of all errors reported and suppressed. Counts of suppressed errors are not necessarily correct since turning a flag off may prevent some checking from being done to save computation, and errors that are not reported may propagate differently from when they are reported. -showscan Show file names are they are processed. -showalluses Show list of uses of all external identifiers sorted by number of uses. -stats Display number of lines processed and checking time. - 3 - Formatted: December 26, 2024 splint(1) splint(1) A tool for statically checking C programs -timedist Display distribution of where checking time is spent. -quiet Suppress herald and error count. (If quiet is not set, Splint prints out a herald with version information before checking begins, and a line summarizing the total number of errors reported.) -whichlib Print out the standard library filename and creation information. -limit number At most <number> similar errors are reported consecutively. Further errors are suppressed, and a message showing the number of suppressed messages is printed. Expected Errors Normally, Splint will expect to report no errors. The exit status will be success (0) if no errors are reported, and failure if any errors are reported. Flags can be used to set the expected number of reported errors. Because of the provided error suppression mechanisms, these options should probably not be used for final checking real programs but may be useful in developing programs using make. -expect <number> Exactly <number> code errors are expected. Splint will exit with failure exit status unless <number> code errors are detected. -Message Format These flags control how messages are printed. They may be set at the command line, in options files, or locally in syntactic comments. The linelen and limit flags may be preceded by + or - with the same meaning; for the other flags, + turns on the describe printing and - turns it off. The box to the left of each flag gives its default value. -showcolumn Show column number where error is found. Default: + - 4 - Formatted: December 26, 2024 splint(1) splint(1) A tool for statically checking C programs -showfunc Show name of function (or macro) definition containing error. The function name is printed once before the first message detected in that function. Default: + -showallconjs Show all possible alternate types (see Section 8.2.2). Default: - -paren-file-format Use file(line) format in messages. -hints Provide hints describing an error and how a message may be suppressed for the first error reported in each error class. Default: + -forcehints Provide hints for all errors reported, even if the hint has already been displayed for the same error class. Default: - -linelen number Set length of maximum message line to <number> characters. Splint will split messages longer than <number> characters long into multiple lines. Default: 80 Mode Selector Flags Mode selects flags set the mode checking flags to predefined values. They provide a quick coarse-grain way of controlling what classes of errors are reported. Specific checking flags may be set after a mode flag to override the mode settings. Mode flags may be used locally, however the mode settings will override specific command line flag settings. A warning is produced if a mode flag is used after a mode checking flag has been set. These are brief descriptions to give a general idea of what each mode does. To see the complete flag settings in each mode, use splint -help modes. A mode flag has the same effect when used with either + or -. -weak Weak checking, intended for typical unannotated C code. No modifies checking, macro checking, rep exposure, or clean interface checking is done. Return values of type int may be ignored. The types bool, int, char and user-defined enum types - 5 - Formatted: December 26, 2024 splint(1) splint(1) A tool for statically checking C programs are all equivalent. Old style declarations are unreported. -standard The default mode. All checking done by weak, plus modifies checking, global alias checking, use all parameters, using released storage, ignored return values or any type, macro checking, unreachable code, infinite loops, and fall-through cases. The types bool, int and char are distinct. Old style declarations are reported. -checks Moderately strict checking. All checking done by standard, plus must modification checking, rep exposure, return alias, memory management and complete interfaces. -strict Absurdly strict checking. All checking done by checks, plus modifications and global variables used in unspecified functions, strict standard library, and strict typing of C operators. A special reward will be presented to the first person to produce a real program that produces no errors with strict checking. AUTHOR If you need to get in contact with the authors send email to or visit SEE ALSO lint(1) - 6 - Formatted: December 26, 2024