From owner-freebsd-ports Sat Mar 2 2: 0:28 2002 Delivered-To: freebsd-ports@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id BBC9637B41A for ; Sat, 2 Mar 2002 02:00:04 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g22A04136309; Sat, 2 Mar 2002 02:00:04 -0800 (PST) (envelope-from gnats) Received: from subterrain.net (subterrain.net [63.104.50.231]) by hub.freebsd.org (Postfix) with ESMTP id C1AC737B400 for ; Sat, 2 Mar 2002 01:52:57 -0800 (PST) Received: (from rrm@localhost) by subterrain.net (8.11.6/8.11.6) id g229qp354948; Sat, 2 Mar 2002 01:52:51 -0800 (PST) (envelope-from rrm) Message-Id: <200203020952.g229qp354948@subterrain.net> Date: Sat, 2 Mar 2002 01:52:51 -0800 (PST) From: Raymond Medeiros Reply-To: Raymond Medeiros To: FreeBSD-gnats-submit@freebsd.org Cc: Justin Lundy , Raymond Medeiros X-Send-Pr-Version: 3.113 Subject: ports/35474: New Port: Splint is a tool for statistically checking source code. Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 35474 >Category: ports >Synopsis: New Port: Splint is a tool for statistically checking source code. >Confidential: no >Severity: non-critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Mar 02 02:00:04 PST 2002 >Closed-Date: >Last-Modified: >Originator: Raymond Medeiros >Release: FreeBSD 4.5-STABLE i386 >Organization: Subterrain Information Network >Environment: System: FreeBSD subterrain.net 4.5-STABLE FreeBSD 4.5-STABLE #0: Sun Feb 3 21:31:55 PST 2002 sml@subterrain.net:/usr/src/sys/compile/SUBTERRAIN i386 >Description: New Port: Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint. WWW: http://lclint.cs.virginia.edu/ >How-To-Repeat: >Fix: # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # splint # splint/Makefile # splint/distinfo # splint/pkg-plist # splint/pkg-descr # splint/pkg-comment # splint/files # splint/files/splint.1 # splint/files/patch-aa # echo c - splint mkdir -p splint > /dev/null 2>&1 echo x - splint/Makefile sed 's/^X//' >splint/Makefile << 'END-of-splint/Makefile' X# ex:ts=8 X# Ports collection makefile for: splint X# Date created: Sat Mar 02, 2002 X# Whom: Raymond Medeiros (rrm@subterrain.net) X# X# $FreeBSD$ X# X XPORTNAME= splint XPORTVERSION= 3.0.1.6 XCATEGORIES= security XMASTER_SITES= http://www.splint.org/downloads/ \ X http://www.subterrain.net/~rrm/ports/splint/ XDISTNAME= splint-${PORTVERSION} XEXTRACT_SUFX= .src.tgz X XMAINTAINER= rrm@subterrain.net X XMAN?= splint.1 X X.include X XGNU_CONFIGURE= yes X X.if !target(post-install) && (${PORTNAME} == "splint") Xpost-install: X ${MV} ${PREFIX}/bin/i386-portbld-freebsd4.5-splint ${PREFIX}/bin/splint X @strip ${PREFIX}/bin/splint X.endif X X.include END-of-splint/Makefile echo x - splint/distinfo sed 's/^X//' >splint/distinfo << 'END-of-splint/distinfo' XMD5 (splint-3.0.1.6.src.tgz) = 3b19e62d5b3a8883ac356dff3615234c END-of-splint/distinfo echo x - splint/pkg-plist sed 's/^X//' >splint/pkg-plist << 'END-of-splint/pkg-plist' Xbin/splint Xshare/splint/lib/standard.h Xshare/splint/lib/standard.lcd Xshare/splint/lib/standardstrict.lcd Xshare/splint/lib/posix.h Xshare/splint/lib/posix.lcd Xshare/splint/lib/posixstrict.lcd Xshare/splint/lib/unix.h Xshare/splint/lib/unix.lcd Xshare/splint/lib/unixstrict.lcd Xshare/splint/lib/CTrait.syms Xshare/splint/lib/CTraitGen.lcl Xshare/splint/lib/bool.h Xshare/splint/lib/file.mts Xshare/splint/lib/file.xh Xshare/splint/lib/filerw.mts Xshare/splint/lib/filerw.xh Xshare/splint/lib/lclinit.lci Xshare/splint/lib/linux.h Xshare/splint/lib/lslinit.lsi Xshare/splint/lib/tainted.mts Xshare/splint/lib/tainted.xh Xshare/splint/lib/stdio.h Xshare/splint/lib/stdlib.h Xshare/splint/imports/assert.lcl Xshare/splint/imports/assert.lcs Xshare/splint/imports/ctype.lcl Xshare/splint/imports/ctype.lcs Xshare/splint/imports/errno.lcl Xshare/splint/imports/errno.lcs Xshare/splint/imports/limits.lcl Xshare/splint/imports/limits.lcs Xshare/splint/imports/locale.lcl Xshare/splint/imports/locale.lcs Xshare/splint/imports/math.lcl Xshare/splint/imports/math.lcs Xshare/splint/imports/setjmp.lcl Xshare/splint/imports/setjmp.lcs Xshare/splint/imports/signal.lcl Xshare/splint/imports/signal.lcs Xshare/splint/imports/stdarg.lcl Xshare/splint/imports/stdarg.lcs Xshare/splint/imports/stdio.lcl Xshare/splint/imports/stdio.lcs Xshare/splint/imports/stdlib.lcl Xshare/splint/imports/stdlib.lcs Xshare/splint/imports/string.lcl Xshare/splint/imports/string.lcs Xshare/splint/imports/strings.lcl Xshare/splint/imports/strings.lcs Xshare/splint/imports/time.lcl Xshare/splint/imports/time.lcs X@dirrm share/splint/imports X@dirrm share/splint/lib X@dirrm share/splint END-of-splint/pkg-plist echo x - splint/pkg-descr sed 's/^X//' >splint/pkg-descr << 'END-of-splint/pkg-descr' XSplint is a tool for statically checking C programs for security Xvulnerabilities and coding mistakes. With minimal effort, XSplint can be used as a better lint. If additional effort is Xinvested adding annotations to programs, Splint can perform Xstronger checking than can be done by any standard lint. X XWWW: http://lclint.cs.virginia.edu/ X X-- rrm X rrm@subterrain.net END-of-splint/pkg-descr echo x - splint/pkg-comment sed 's/^X//' >splint/pkg-comment << 'END-of-splint/pkg-comment' XSecure Programming Lint END-of-splint/pkg-comment echo c - splint/files mkdir -p splint/files > /dev/null 2>&1 echo x - splint/files/splint.1 sed 's/^X//' >splint/files/splint.1 << 'END-of-splint/files/splint.1' X .\" $Id: splint.1,v 1.1 2002/01/09 04:13:54 evans1629 Exp $ X.TH splint 1 "A tool for statically checking C programs" X X.SH NAME Xsplint \- A tool for statically checking C programs X X.SH SYNOPSIS X.BR splint X[options] X X.SH DESCRIPTION X.BR Splint Xis a tool for statically checking C programs for security Xvulnerabilities and common programming mistakes. With minimal effort, XSplint can be used as a better lint(1).If additional effort is invested Xadding annotations to programs, Splint can perform stronger checks than Xcan be done by any standard lint. For full documentation, please see Xhttp://www.splint.org. This man page only covers a few of the available Xoptions. X X.SH OPTIONS X X.TP 6 X.B \-help XShows help X X.PP X.B Initialization X XThese flags control directories and files used by Splint. They may be used from the Xcommand line or in an options file, but may not be used as control comments in the Xsource code. Except where noted. they have the same meaning preceded by \- or +. X X.TP 6 X.BI \-tmpdir " directory" XSet directory for writing temp files. Default is /tmp/. X X.TP 6 X.BI \-I " directory" XAdd directory to path searched for C include files. Note there is no space after the I, Xto be consistent with C preprocessor flags. X X.TP 6 X.BI \-S " directory" XAdd directory to path search for .lcl specification files. X X.TP 6 X.BI \-f " file" XLoad options file . If this flag is used from the command line, the default ~/.splintrc file is Xnot loaded. This flag may be used in an options file to load in another options file. X X.TP 6 X.B \-nof XPrevents the default options files (./.splintrc and ~/.splintrc) from being loaded. (Setting X-nof overrides +nof, causing the options files to be loaded normally.) X X.TP 6 X.BI \-systemdirs " directories" XSet directories for system files (default is "/usr/include"). Separate directories with colons (e.g., X"/usr/include:/usr/local/lib"). Flag settings propagate to files in a system directory. If X-systemdirerrors is set, no errors are reported for files in system directories. X X.PP X.B Pre-processor X XThese flags are used to define or undefine pre-processor constants. XThe -I flag is also passed to the C pre-processor. X X.TP 6 X.BI \-D " initializer" XPassed to the C pre-processor. X X.TP 6 X.BI \-U " initializer" XPassed to the C pre-processor X X.PP X.B Libraries XThese flags control the creation and use of libraries. X X.TP 6 X.BI \-dump " file" XSave state in for loading. The default extension .lcd is added if has no extension. X X.TP 6 X.BI \-load " file" XLoad state from (created by -dump). The default extension .lcd is added if has no Xextension. Only one library file may be loaded. X XBy default, the standard library is loaded if the -load flag is not used to load a user library. If no user library is Xloaded, one of the following flags may be used to select a different standard library. Precede the flag by + to Xload the described library (or prevent a library from being loaded using nolib). See Apppendix F for Xinformation on the provided libraries. X X.TP 6 X.B \-nolib XDo not load any library. This prevents the standard library from being loaded. X X.TP 6 X.B \-ansi-lib XUse the ANSI standard library (selected by default). X X.TP 6 X.B \-strict-lib XUse strict version of the ANSI standard library. X X.TP 6 X.B \-posix-lib XUse the POSIX standard library. X X.TP 6 X.B \-posix-strict-lib XUse the strict version of the POSIX standard library. X X.TP 6 X.B \-1-lib XUse UNIX version of standard library. X X.TP 6 X.B \-1-strict-lib XUse the strict version of the UNIX standard library. X X.PP X.B Output X XThese flags control what additional information is printed by Splint. Setting + causes the described Xinformation to be printed; setting - prevents it. By default, all these flags are off. X X.TP 6 X.B \-usestderr XSend error messages to standard error (instead of standard out). X X.TP 6 X.B \-showsummary XShow a summary of all errors reported and suppressed. Counts of suppressed errors are not Xnecessarily correct since turning a flag off may prevent some checking from being done to save Xcomputation, and errors that are not reported may propagate differently from when they are Xreported. X X.TP 6 X.B \-showscan XShow file names are they are processed. X X.TP 6 X.B \-showalluses XShow list of uses of all external identifiers sorted by number of uses. X X.TP 6 X.B \-stats XDisplay number of lines processed and checking time. X X.TP 6 X.B \-timedist XDisplay distribution of where checking time is spent. X X.TP 6 X.B \-quiet XSuppress herald and error count. (If quiet is not set, Splint prints out a herald with version Xinformation before checking begins, and a line summarizing the total number of errors reported.) X X.TP 6 X.B \-whichlib XPrint out the standard library filename and creation information. X X.TP 6 X.BI \-limit " number" XAt most similar errors are reported consecutively. Further errors are suppressed, and a Xmessage showing the number of suppressed messages is printed. X X.PP X.B Expected Errors X XNormally, Splint will expect to report no errors. The exit status will be success (0) if no errors are reported, Xand failure if any errors are reported. Flags can be used to set the expected number of reported errors. XBecause of the provided error suppression mechanisms, these options should probably not be used for final Xchecking real programs but may be useful in developing programs using make. X X.TP 6 X.B \-expect XExactly code errors are expected. Splint will exit with failure exit status unless X code errors are detected. X X.TP 6 X.B \-Message Format XThese flags control how messages are printed. They may be set at the command line, in options files, or Xlocally in syntactic comments. The linelen and limit flags may be preceded by + or - with the same meaning; Xfor the other flags, + turns on the describe printing and - turns it off. The box to the left of each flag gives its Xdefault value. X X.TP 6 X.B \-showcolumn XShow column number where error is found. Default: + X X.TP 6 X.B \-showfunc XShow name of function (or macro) definition containing error. The function name is printed once Xbefore the first message detected in that function. Default: + X X.TP 6 X.B \-showallconjs XShow all possible alternate types (see Section 8.2.2). Default: - X X.TP 6 X.B \-paren-file-format XUse file(line) format in messages. X X.TP 6 X.B \-hints XProvide hints describing an error and how a message may be suppressed for the first error Xreported in each error class. Default: + X X.TP 6 X.B \-forcehints XProvide hints for all errors reported, even if the hint has already been displayed for the same error Xclass. Default: - X X.TP 6 X.BI \-linelen " number" XSet length of maximum message line to characters. Splint will split messages longer Xthan characters long into multiple lines. Default: 80 X X.PP X.B Mode Selector Flags X XMode selects flags set the mode checking flags to predefined values. They provide a quick coarse-grain way Xof controlling what classes of errors are reported. Specific checking flags may be set after a mode flag to Xoverride the mode settings. Mode flags may be used locally, however the mode settings will override specific Xcommand line flag settings. A warning is produced if a mode flag is used after a mode checking flag has been Xset. X XThese are brief descriptions to give a general idea of what each mode does. To see the complete flag settings Xin each mode, use splint -help modes. A mode flag has the same effect when used with either + or -. X X.TP 6 X.B \-weak XWeak checking, intended for typical unannotated C code. No modifies checking, macro checking, Xrep exposure, or clean interface checking is done. Return values of type int may be ignored. The Xtypes bool, int, char and user-defined enum types are all equivalent. Old style declarations are Xunreported. X X.TP 6 X.B \-standard XThe default mode. All checking done by weak, plus modifies checking, global alias checking, use all Xparameters, using released storage, ignored return values or any type, macro checking, Xunreachable code, infinite loops, and fall-through cases. The types bool, int and char are distinct. XOld style declarations are reported. X X.TP 6 X.B \-checks XModerately strict checking. All checking done by standard, plus must modification checking, rep Xexposure, return alias, memory management and complete interfaces. X X.TP 6 X.B \-strict XAbsurdly strict checking. All checking done by checks, plus modifications and global variables Xused in unspecified functions, strict standard library, and strict typing of C operators. A special Xreward will be presented to the first person to produce a real program that produces no errors with Xstrict checking. X X.SH AUTHOR XIf you need to get in contact with the authors send email to X.UR Xmailto:info@splint.org X.UR X Xor visit X.UR Xhttp://www.splint.org X.UR X X.SH "SEE ALSO" Xlint(1) END-of-splint/files/splint.1 echo x - splint/files/patch-aa sed 's/^X//' >splint/files/patch-aa << 'END-of-splint/files/patch-aa' X--- test/Makefile.in Mon Feb 11 14:27:16 2002 X+++ splint-3.0.1.6-patched/test/Makefile.in Sat Mar 2 03:54:44 2002 X@@ -897,8 +897,8 @@ X mostlyclean-generic uninstall uninstall-am uninstall-info-am X X X-unexport LARCH_PATH X-unexport LCLIMPORTDIR X+#unexport LARCH_PATH X+#unexport LCLIMPORTDIR X X .PHONY: all check X all check: fulltest END-of-splint/files/patch-aa exit >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message