I changed the version of function which returned pointer, I had null and only annotations and the warning was still reported. It is *ciphertext that can become null, I allocate the memory to it by giving the address of the original pointer as function parameter. The last version works fine for me.
It is a university small project in which we are about to play with Splint. >From what I read I thought it is a frozen project, but seems like the community is working nicely. Can you tell me if Splint is used for large projects, is it useful with respect to time spent annotating and false alarms it gives ? Also, do you know any particular issues that Splint have problems to resolve (I found memory leaks with owned annotations) ? Thanks a lot for help, Kris 2009/10/26 Bill Pringlemeir <spl...@sympatico.ca> > On 26 Oct 2009, kris.slowin...@gmail.com wrote: > > > I have the following function declaration: void > > createCiphertext(char* plaintext, char**ciphertext); which is > > supposed to allocate memory to *ciphertext. I have a Splint warning > > that *ciphertext may be null and that createCiphertext needs to > > annotate that in the declaration, but I dont know how to annotate > > *ciphertext. Any help? > > Does createCiphertext() have anything like this, > > if(ciphertext == NULL) > return; > > You might want to check that this value is non-NULL depending on the > circumstances. I don't know if this is an API that many programmers > will use or if it is local to the module (in which case you should use > static). > > Another thing is that you can easily change the API so that this error > can not occur. Ie, > > /* returns ciphertext */ > /*...@only@*/ /*...@null@*/ char * createCiphertext(char* plaintext); > > The /*...@only@*/ and /*...@null@*/ portions are splint annotations. > > Back to your original question, I am not quite sure which portion of > the pointer needs to be null/non-null. I am guessing that with things > the way you have them the annoation is one of, > > void > createCiphertext(char* plaintext, /*...@notnull@*/ char**ciphertext); > > void > createCiphertext(char* plaintext, /*...@null@*/ char**ciphertext); > > typedef /*...@notnull@*/ char * good_ptr; > void createCiphertext(char* plaintext, good_ptr *ciphertext); > > typedef /*...@null@*/ char * bad_ptr; > void createCiphertext(char* plaintext, bad_ptr *ciphertext); > > I think you have given too little context to know which version and it > is better if you known what you are doing than being spoon feed. > > The null annotations are detailed in sections 2 of the manual. > > http://www.splint.org/manual/html/sec2.html > http://www.splint.org/manual/html/appC.html > > hth, > Bill Pringlemeir. > > -- > I believe that sex is one of the most beautiful, natural, wholesome things > that money can buy. - Steve Martin > _______________________________________________ > splint-discuss mailing list > splint-discuss@mail.cs.virginia.edu > http://www.cs.virginia.edu/mailman/listinfo/splint-discuss >
_______________________________________________ splint-discuss mailing list splint-discuss@mail.cs.virginia.edu http://www.cs.virginia.edu/mailman/listinfo/splint-discuss
