Changes since 3.1.1:
Declarations of intptr_t and uintptr_t
The standard library declares the intptr_t and uintptr_t types
incorrectly. They are declared as int * and unsigned int *,
but should be integral types (large enough to hold a pointer)
instead.
(Reported by David Sanderson, 25 Sep 2004. Fixed in development
standard.h.)
Mode help
Splint crashes when run with -help weak or another mode flag.
(Reported by Clive Bach, 27 July 2004. Fixed in CVS 28 July 2004.)
Missing va_copy
The standard library is missing va_copy.
(Reported by Roland Illig, 21 May 2004. Fixed in CVS, 21 May 2004.)
Shifting in pre-processor expressions
Splint will report an internal error for a preprocessor expression
that shifts a negative value. This should produce a warning message
instead.
(Reported by Dirk Herrmann, 10 Nov 2003. Fixed in CVS, 18 May 2004,
but no warning message added yet.)
gmtime and localtime
The return type is incorrectly specified as /*@null@*/ in the
standard library. gmtime and localtime are guaranteed to return
non-null values.
(Reported by Terry Colligan, 30 Oct 2003. Fixed in CVS, 2 Nov 2003.)
Redefining __func__
Splint will report an internal bug if built in special definitions
like __func__ are redefined.
(Reported by Terry Colligan, 28 Oct 2003. Fixed in CVS, 28 Oct 2003.)
Pragma Line Numbers
Splint does not count
#pragma ...
lines in the line number.
(Reported by Scott Frazer, 27 Oct 2003. Fixed in CVS, 27 Oct 2003.)
Files Unclosed in Win32
Options that involve writing messages to files do not work in Win32.
The check that all files are closed was somehow copied to a location
it shouldn't be (llmain:830).
(Fixed in CVS 18 Sept 2003.)
Multi-dimensional Arrays
Splint does not interpret declarations of multidimensional arrays
correctly. A declaration like int a[][10] is misinterpreted as
int a[10][].
(Reported by Bill Leahy, 15 Sept 2003. Fixed in CVS 15 Sept 2003.)
&& and || guards
Splint does not correctly interpret guards for non-boolean
expressions in && and || clauses (e.g., if (s && t)).
(Reported by Andrew Bishop. Fixed in CVS 13 August 2003.)
scanf %x
Splint interprets %x in a scanf format string as an int *, but it
should be an unsigned int *.
(Reported by Andrew Bishop. Fixed in CVS 13 August 2003.)
+matchanyintegral and unsignedintegrals
When +matchanyintegral is set, splint should allow any int type to
match an aribtrary unsigned integral.
(Reported by John Makecki. Fixed in CVS 18 July 2003.)
Shadow updates
When a variable declaration is shadowed, the sRef_updateSref
function will find the inner reference when there is an alias
to the outer reference.
(Reported by John Makecki. Fixed in CVS 18 July 2003.)
Internal assertion fails for unconventional bounds
An internal assertion will fail for strange array indexes like,
i["]<i;++i){--i;}"].
(Reported by Xose Vazquez Perez. Fixed in CVS 12 July 2003.)
Assignments with global structs
Splint does not correctly update state when the rhs of an assignment
is a struct with global scope.
(Reported by Steve Brooke. Fixed in CVS, 10 July 2003.)
Defining __STDC__
Splint should define __STDC__. See http://bugs.debian.org/cgi-bin/
bugreport.cgi?bug=171437&msg=7 for details.
(Reported by Vincent Lefevre. Fixed in CVS, 10 July 2003)
Missing signal.h definitions
The posix library is missing some definitions from signal.h.
(Reported by Jerry James. Fixed in CVS, 13 June 2003)
Pre-processing ISO8859-1 characters
Splint does not process ISO8859-1 characters correctly since it is
building on a pre-ISO8859-1 version of gcc's pre-processor, and
character \377 is indistinguishable from EOF.
(Reported by Kai Hofmann. Fixed in CVS, 6 June 2003)
Printing lltok
Splint prints -> tokens in specifications incorrectly as ".".
Reported and fixed by Psanzani.
(Fixed in CVS, 6 June 2003)
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
The 3.1.0 release contained numerous enhancements over the previous 3.0.1.6
release. Among other improvements, the accuracy of the bounds checking code
has improved; Splint can produce output in html or comma separated value(CSV)
format; and support for numabstract types has been added. Additionally the
code contains numerous bugs fixes and house keeping updates.
(Details at http://www.splint.org/changes.html )
No list of changes available for the 3.1.1 release.
Splint is a tool for statically checking C programs for security
vulnerabilities and coding mistakes. With minimal effort, Splint
can be used as a better lint. If additional effort is invested
adding annotations to programs, Splint can perform stronger checking
than can be done by any standard lint.
Splint 3.0 is the successor to LCLint 2.5.
