...
MEM31-C-EX1: Allocated memory does not need to be freed if it is assigned to a pointer with static storage duration whose lifetime is the entire execution of a programincludes program termination. The following code example illustrates a pointer that stores the return value from malloc()
in a static
variable:
...
Tool | Version | Checker | Description | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Astrée |
| Supported, but no explicit checker | ||||||||||||||
Axivion Bauhaus Suite |
| CertC-MEM31 | Can detect dynamically allocated resources that are not freed | |||||||||||||
CodeSonar |
| ALLOC.LEAK | Leak | |||||||||||||
Compass/ROSE | ||||||||||||||||
| RESOURCE_LEAK ALLOC_FREE_MISMATCH | Finds resource leaks from variables that go out of scope while owning a resource | ||||||||||||||
Cppcheck |
| memleak leakReturnValNotUsed leakUnsafeArgAlloc memleakOnRealloc | Doesn't use return value of memory allocation function | |||||||||||||
Cppcheck Premium |
| memleak leakReturnValNotUsed leakUnsafeArgAlloc memleakOnRealloc | Doesn't use return value of memory allocation function | |||||||||||||
Helix QAC |
| DF2706, DF2707, DF2708 C++3337, C++3338 | ||||||||||||||
Klocwork |
| MLKCL.FFM. | MIGHTASSIGN | MLKCL.FFM. | MUSTCOPY | MLKCL. | RETSHALLOW. | MUSTASSIGN | MLK.RETCL.SHALLOW.COPY FMM.MIGHT FMM.MUST | |||||||
LDRA tool suite |
| 50 D | Partially implemented | |||||||||||||
Parasoft C/C++test |
| BDCERT_C- | RESMEM31- | LEAKImplementeda | Ensure resources are freed | |||||||||||
Parasoft Insure++ | Detects leaks at runtimeRuntime analysis | |||||||||||||||
PC-lint Plus |
| 429 | Fully supported | |||||||||||||
Polyspace Bug Finder | R2016a | Memory leak | Memory allocated dynamically not freed |
| CERT C: Rule MEM31-C | Checks for memory leak (rule fully covered) | ||||||||||
PVS-Studio |
| V773 | PRQA QA-C | 9.1 | 1771 | PRQA QA-C++ | 4.2 | 3337, 3338 | ||||||||
SonarQube C/C++ Plugin |
| S3584 | ||||||||||||||
Splint |
| |||||||||||||||
TrustInSoft Analyzer |
| malloc | Exhaustively verified. |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Intersection( FIO42-C, MEM31-C) = Ø
CWE-404 = CWE-459 = CWE-771 = CWE-772
...
Bibliography
[ISO/IEC 9899:20112024] | Subclause 7.2224.3, "Memory Management Functions" |
...