Yes, the code is wrong. At the best case, accessing any Persons inside map stomp on memory that doesn't belong to the Person. At the worst case, you won't notice memory corruption until much later.
Does the memory leak report include where the memory is leaking? I do not see any memory leaks here as the Person*s weren't allocated on the heap.
Also, your friend should consider using a smart pointer (such as a shared_pointer) if map owns the Persons it contains. This way, the Persons are automatically deleted when the map expires.
I suggested that. He is in a beginning C++ class that has yet to cover smart pointers, so he is unsure if he would credit deducted for using them. The memory leak looks as such:
==8448== HEAP SUMMARY:
==8448== in use at exit: 17 bytes in 1 blocks
==8448== total heap usage: 6 allocs, 5 frees, 141 bytes allocated
==8448==
==8448== 17 bytes in 1 blocks are definitely lost in loss record 1 of 1
==8448== at 0x402BE94: operator new(unsigned int) (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==8448== by 0x40E9403: std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) (in /usr/lib/i386-linux-gnu/libstdc++.so.6.0.18)
==8448== by 0x40E96BA: std::string::_M_mutate(unsigned int, unsigned int, unsigned int) (in /usr/lib/i386-linux-gnu/libstdc++.so.6.0.18)
==8448== by 0x40E9F65: std::string::_M_replace_safe(unsigned int, unsigned int, char const*, unsigned int) (in /usr/lib/i386-linux-gnu/libstdc++.so.6.0.18)
==8448== by 0x40E9FFE: std::string::assign(char const*, unsigned int) (in /usr/lib/i386-linux-gnu/libstdc++.so.6.0.18)
==8448== by 0x40EA1DF: std::string::operator=(char const*) (in /usr/lib/i386-linux-gnu/libstdc++.so.6.0.18)
==8448== by 0x419F934: (below main) (libc-start.c:260)
This is the report on a side project I made right now to reproduce the issue where I am using a vector instead of a map, as it repeats with any collection.
That code shows no memory leak. It shows undefined behaviour. It's allowed to syphon money from your bank account and use it to support terrorism. Or appear to work normally. That's the nature of undefined behaviour. It's undefined.
Hahaha, I liked this comment. That's where that $10.43 went...
So on different systems that code could result in completely different behavior?