Security Vulnerability (SV)checkers detect tainted strings, their concatenation, and other types of tainted data.
Resource Leak (RLK) checkers locate the resource and detect the ways in which the resource can be lost. RLK (Resource Leak) issues are reported when some resources were allocated and not properly disposed after use. Failing to properly dispose a resource can lead to such problems as:
- too many files being open
- an application not being able to access a temporary file when it is needed
Note: When creating RLK checkers, you only need to identify the source(s) and not the sink. The sink is the point at which the resource is lost.
Commoncheckers track data from the time it appears in the code execution to when it is used by the program.