Splint Manual-Security Programming Tests-Pruebas de Seguridad de Programas - 0 views
-
Alberto Adrián Schiano on 28 May 10Problems detected by Splint include: · Dereferencing a possibly null pointer (Section 2); · Using possibly undefined storage or returning storage that is not properly defined (Section 3); · Type mismatches, with greater precision and flexibility than provided by C compilers (Section 4.1-4.2); · Violations of information hiding (Section 4.3); · Memory management errors including uses of dangling references and memory leaks (Section 5); · Dangerous aliasing (Section 6); · Modifications and global variable uses that are inconsistent with specified interfaces (Section 7); · Problematic control flow such as likely infinite loops (Section 8.3.1), fall through cases or incomplete switches (Section 8.3.2), and suspicious statements (Section 8.4); · Buffer overflow vulnerabilities (Section 9); · Dangerous macro implementations or invocations (Section 11); and · Violations of customized naming conventions. (Section 12).