Add Splint, a static code analyzer for C.

svn path=/nixpkgs/trunk/; revision=12343

pkgs/development/tools/analysis/splint/default.nix

@@ -0,0 +1,31 @@
+{ fetchurl, stdenv, flex }:
+
+stdenv.mkDerivation rec {
+  name = "splint-3.1.2";
+
+  src = fetchurl {
+    url = "http://www.splint.org/downloads/${name}.src.tgz";
+    sha256 = "02pv8kscsrkrzip9r08pfs9xs98q74c52mlxzbii6cv6vx1vd3f7";
+  };
+
+  patches = [ ./tmpdir.patch ];
+
+  buildInputs = [ flex ];
+
+  doCheck = true;
+
+  meta = {
+    homepage = http://splint.org/;
+    description = "Splint, an annotation-assisted lightweight static analyzer for C";
+
+    longDescription = ''
+      Splint is a tool for statically checking C programs for security
+      vulnerabilities and coding mistakes.  With minimal effort, Splint
+      can be used as a better lint.  If additional effort is invested
+      adding annotations to programs, Splint can perform stronger
+      checking than can be done by any standard lint.
+    '';
+
+    license = "GPLv2+";
+  };
+}

pkgs/development/tools/analysis/splint/tmpdir.patch

@@ -0,0 +1,16 @@
+Have Splint honor $TMPDIR.
+
+--- splint-3.1.2/src/context.c	2004-07-31 21:04:26.000000000 +0200
++++ splint-3.1.2/src/context.c	2008-07-11 10:55:16.000000000 +0200
+@@ -801,7 +801,10 @@ context_resetAllFlags (void) 
+                 val = cstring_makeLiteral (env != NULL ? env : DEFAULT_TMPDIR);
+ 	      }
+ # else
+-	      val = cstring_makeLiteral (DEFAULT_TMPDIR);
++	      {
++		char *env = getenv ("TMPDIR");
++		val = cstring_makeLiteral (env != NULL ? env : DEFAULT_TMPDIR);
++	      }
+ # endif /* !defined(OS2) && !defined(MSDOS) */
+ 
+ 	      break;

pkgs/top-level/all-packages.nix

@@ -2252,6 +2252,10 @@ let pkgs = rec {
     stdenv = overrideInStdenv stdenv [gnumake380];
   };
 
+  splint = import ../development/tools/analysis/splint {
+    inherit fetchurl stdenv flex;
+  };
+
   strace = import ../development/tools/misc/strace {
     inherit fetchurl stdenv;
   };