...
To eliminate double-free vulnerabilities, it is necessary to guarantee that dynamic memory is freed exactly one time. Programmers should be wary when freeing memory in a loop or conditional statement; if coded incorrectly, these constructs can lead to double-free vulnerabilities. It is also a common error to misuse the realloc() function in a manner that results in double-free vulnerabilities. (See MEM04-C. Do not perform zero-length allocations.)
Noncompliant Code Example (malloc())
...
CERT C Secure Coding Standard: MEM04-C. Do not perform zero-length allocations
ISISO/IEC 9899:2011 Section 7.22.3, "Memory management functions"
...