...
The Coverity Prevent RESOURCE_LEAK finds resource leaks from variables that go out of scope while owning a resource. Coverity Prevent cannot discover all violations of this rule so further verification is necessary.
Compass/ROSE can detect some violations of this rule. In particular, false positives may be raised if a variable is freed by a different function than the one that allocated it. Also, false negatives may be raised in cases where a call to free() happens inside of a for-loop.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...