...
Klocwork Version 8.0.4.16 can detect violations of this rule with the SV.USAGERULES.UNINTENDED_COPY checkers.
Compass/ROSE could detect possible violations of this rule by first flagging any usage of realloc(). Also, it could flag any usage of free() that isn't preceded by code to clear out the preceding memory, using memset(). This heuristic is imperfect, as it flags all possible data leaks, not just leaks of 'sensitive' data, because ROSE can't tell which data is 'sensitive'.
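The pattern this heuristic looks for, as an added example that is not CERT's or ROSE's own code: a free() preceded by a clear, and a realloc() replaced by allocate, copy, clear, free. The names wipe, secure_free and secure_resize are hypothetical, and the volatile write loop is an assumption standing in for memset(), because a compiler may remove a memset() whose target is freed immediately afterwards.

```c
#include <stdlib.h>
#include <string.h>

/* Zero a buffer through a volatile pointer so the stores are not
 * eliminated as dead writes when the buffer is freed right after. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) *vp++ = 0;
}

/* free() replacement: clear the block first. The caller passes the
 * size because the allocator does not expose it portably. */
void secure_free(void *p, size_t n) {
    if (p == NULL) return;
    wipe(p, n);
    free(p);
}

/* realloc() replacement: realloc() may move the block and release the
 * old copy without clearing it, so allocate a zeroed block, copy, then
 * wipe and free the old one. On failure returns NULL and leaves the
 * old block untouched so the caller can still clear it. */
void *secure_resize(void *old, size_t old_n, size_t new_n) {
    void *fresh = calloc(1, new_n ? new_n : 1);
    if (fresh == NULL) return NULL;
    if (old != NULL) {
        memcpy(fresh, old, old_n < new_n ? old_n : new_n);
        secure_free(old, old_n);
    }
    return fresh;
}

int main(void) {
    char *key = malloc(8);                 /* constructed sample secret */
    if (key == NULL) return 1;
    memcpy(key, "hunter2", 8);

    char *bigger = secure_resize(key, 8, 64);
    if (bigger == NULL) {                  /* old block still valid: clear it */
        secure_free(key, 8);
        return 1;
    }
    secure_free(bigger, 64);               /* no stale copy left on the heap */
    return 0;
}
```

Where the platform provides memset_s() or explicit_bzero(), either can replace the wipe() loop.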
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...