...
Automated Detection
The LDRA tool suite V Version 7.6.0 can detect violations of this rule.
...
The Coverity Prevent RETURN_LOCAL checker finds many instances where a function will return a pointer to a local stack variable. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary.
The Klocwork LOCRET checker Klocwork Version 8.0.4.16 can detect violations of this rule with the LOCRET checker.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...