For decades lint has remained the most used static analysis utility for C. splint (Secure Programming Lint) has been around for some years now and is regarded as the modern version of lint. In addition to coding gotchas, splint also checks for security vulnerabilities, which is a very significant aspect of modern programming.
splint needs very little effort to set up and use, and if you can spend some more time on it (for example, annotating your source), it can work better than any other lint tool.
splint checks for buffer overflow vulnerabilities as well as dynamic memory errors. Many flags are available to toggle individual checks.
To install splint on Ubuntu, run:
$ sudo apt-get install splint
To analyze a set of project files under the same directory with default options, run:
$ splint *.c
This will take care of the headers used too.
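As an added illustration of the buffer overflow and dynamic memory checks mentioned above (this is example code, not part of the original post), here is a small C file written the way splint expects: the unchecked strcpy is what `splint +bounds` reports, the bounded copy states its contract with a requires clause, and the null/only annotations on the heap copy feed the null-dereference and leak checks. The function names and the sample inputs are the example's own assumptions.

```c
/* Added example, not from the original post: C written the way splint
 * expects. "splint +bounds example.c" flags the unchecked strcpy; the
 * null/only annotations drive its null-dereference and leak checks. */
#include <stdlib.h>
#include <string.h>
#define NAME_MAX 16

/* Unsafe: nothing bounds strlen(src) by sizeof dst, so +bounds warns of a
 * possible out-of-bounds write. Kept only to show what splint reports. */
static void copy_name_unchecked(char dst[NAME_MAX], const char *src)
{
    strcpy(dst, src);
}

/* Bounded: returns 0 on success, -1 (dst untouched) if src does not fit.
 * The requires clause states the contract in splint's constraint language:
 * maxSet(dst) is the highest index that may legally be written. */
static int copy_name(char *dst, size_t dstsize, const char *src)
    /*@requires maxSet(dst) >= (dstsize - 1)@*/
{
    size_t n = strlen(src);
    if (dstsize == 0 || n >= dstsize) {
        return -1;
    }
    memcpy(dst, src, n + 1);   /* n + 1 <= dstsize, copies the NUL too */
    return 0;
}

/* Heap copy: "null" means callers must test the result; "only" means the
 * caller owns it and must free it, or splint reports a leak. */
static /*@null@*/ /*@only@*/ char *dup_name(const char *src)
{
    size_t n = strlen(src) + 1;
    char *p = malloc(n);
    if (p != NULL) memcpy(p, src, n);
    return p;
}

int main(void)
{
    char buf[NAME_MAX];
    char *heap = dup_name("alice");        /* null: must be tested */
    copy_name_unchecked(buf, "ok");        /* fits, but splint warns anyway */
    if (heap == NULL || copy_name(buf, sizeof buf, heap) != 0) {
        free(heap);
        return 1;
    }
    free(heap);                            /* only: caller releases */
    return 0;
}
```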
Learn more about splint:
$ man splint
$ splint -help
Help is divided into several topics:
annotations (describes source-code annotations)
comments (describes control comments)
flags (describes flag categories)
flags <category> (describes flags in category)
flags all (short description of all flags)
flags alpha (list all flags alphabetically)
flags full (full description of all flags)
mail (information on mailing lists)
modes (show mode settings)
parseerrors (help on handling parser errors)
prefixcodes (character codes in namespace prefixes)
references (sources for more information)
vars (environment variables)
version (information on compilation, maintainer)
To learn more about modes, for example, run:
$ splint -help modes