A simple, yet effective way to avoid double-free and access-freed-memory vulnerabilities is to set pointers to NULL once after they have been freed. The specification of the free function states that calling free Calling free() on a NULL pointer incurs no action. As a result, if a pointer is freed pointers can be safely set to NULL after it is freed, the chances of introducing vulnerabilities related to free are eliminated to help eliminate memory related vulnerabilities.
References
- ISO/IEC 9899-1999 Section 7.20.3.2 The free function
- Seacord 05 Chapter 4 Dynamic Memory Management