
  • @Stiletto, ПРУФ:
    stil@sirius /tmp % cat shit.c
    #include <stdlib.h>
    /*
     * Minimal double-free demonstration: a single 1-byte heap allocation is
     * passed to free() twice. Freeing the same pointer a second time is
     * undefined behavior (CWE-415). The transcript that follows shows glibc
     * 2.13 noticing the inconsistency and aborting the process, but that
     * allocator check is best-effort and must not be relied on as a guarantee:
     * an undetected double free corrupts allocator state.
     *
     * In real code, set the pointer to NULL right after free() (free(NULL) is
     * a no-op) and keep a single owner per allocation. Testing with
     * -fsanitize=address reports this class of bug with both free sites.
     */
    main()   /* implicit int return type (pre-C99 style); no return statement */
    {
    char *a = malloc(1);   /* result is not checked; if it were NULL, both free() calls would be no-ops */
    free(a);               /* first free is valid; `a` is now a dangling pointer */
    free(a);               /* second free of the same pointer: the double free being demonstrated */
    }
    stil@sirius /tmp % gcc shit.c -o shit
    stil@sirius /tmp % ./shit
    *** glibc detected *** ./shit: double free or corruption (fasttop): 0x09992008 ***
    ======= Backtrace: =========
    /lib/libc.so.6(+0x6b4cf)[0xb771c4cf]
    /lib/libc.so.6(+0x6ce3b)[0xb771de3b]
    /lib/libc.so.6(cfree+0x6e)[0xb772104e]
    ./shit[0x8048455]
    /lib/libc.so.6(__libc_start_main+0xe7)[0xb76c7e27]
    ./shit[0x8048371]
    ======= Memory map: ========
    08048000-08049000 r-xp 00000000 00:13 2254217 /tmp/shit
    08049000-0804a000 r--p 00000000 00:13 2254217 /tmp/shit
    0804a000-0804b000 rw-p 00001000 00:13 2254217 /tmp/shit
    09992000-099b3000 rw-p 00000000 00:00 0 [heap]
    b7500000-b7521000 rw-p 00000000 00:00 0
    b7521000-b7600000 ---p 00000000 00:00 0
    b7695000-b76ae000 r-xp 00000000 08:05 120991 /usr/lib/gcc/i686-pc-linux-gnu/4.5.3/libgcc_s.so.1
    b76ae000-b76af000 r--p 00018000 08:05 120991 /usr/lib/gcc/i686-pc-linux-gnu/4.5.3/libgcc_s.so.1
    b76af000-b76b0000 rw-p 00019000 08:05 120991 /usr/lib/gcc/i686-pc-linux-gnu/4.5.3/libgcc_s.so.1
    b76b0000-b76b1000 rw-p 00000000 00:00 0
    b76b1000-b780a000 r-xp 00000000 08:05 31502 /lib/libc-2.13.so
    b780a000-b780c000 r--p 00159000 08:05 31502 /lib/libc-2.13.so
    b780c000-b780d000 rw-p 0015b000 08:05 31502 /lib/libc-2.13.so
    b780d000-b7810000 rw-p 00000000 00:00 0
    b7840000-b7841000 rw-p 00000000 00:00 0
    b7841000-b7842000 r-xp 00000000 00:00 0 [vdso]
    b7842000-b785e000 r-xp 00000000 08:05 31501 /lib/ld-2.13.so
    b785e000-b785f000 r--p 0001b000 08:05 31501 /lib/ld-2.13.so
    b785f000-b7860000 rw-p 0001c000 08:05 31501 /lib/ld-2.13.so
    bf899000-bf8bb000 rw-p 00000000 00:00 0 [stack]
    [1] 28577 abort ./shit