Deallocating the same memory more than once causes a double-free vulnerability. An attacker can exploit it to corrupt the allocator's internal data structures, which can crash the program (a denial-of-service attack) or allow the attacker to overwrite arbitrary memory locations.

Ensure that all execution paths deallocate the allocated memory at most once. In complex cases, it may help to reassign the pointer to a null value immediately after deallocating it. This prevents a double free because most deallocation functions perform a null-pointer check before attempting to deallocate memory.

In the following example, buff is allocated and then freed twice:

Reviewing the code above, the issue can be fixed by simply deleting the additional call to free(buff).

In the next example, task may be deleted twice if an exception occurs inside the try block after the first delete:

The problem can be solved by assigning a null value to the pointer after the first delete, as calling delete a second time on the null pointer is harmless.
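The same null-after-free advice applied to an error path in C, as an added example that is not code from the original page: copy_unsafe frees buff on the error path and again in the shared cleanup, while copy_safe nulls the pointer after the first free. All names are hypothetical, and t_malloc/t_free are a constructed shim that counts a repeated free instead of passing it to the real allocator, so both versions can be run safely.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed shim (an assumption of this example): tracks one allocation so
   that a repeated free is counted instead of reaching the real allocator. */
static uintptr_t live;       /* address of the block currently allocated */
static int double_frees;     /* frees attempted on an already-freed block */

static void *t_malloc(size_t n) { void *p = malloc(n); live = (uintptr_t)p; return p; }

static void t_free(void *p) {
    if (p == NULL) return;                                /* like free(NULL): no-op */
    if ((uintptr_t)p != live) { double_frees++; return; } /* block already released */
    live = 0;
    free(p);
}

/* Vulnerable: the error path frees buff, then the shared cleanup frees it again. */
int copy_unsafe(const char *input) {
    char *buff = t_malloc(16);
    if (buff == NULL) return -1;
    int rc = 0;
    if (strlen(input) >= 16) {
        rc = -1;
        t_free(buff);            /* error path: first free */
    } else {
        strcpy(buff, input);     /* fits: length was checked above */
    }
    t_free(buff);                /* shared cleanup: second free on the error path */
    return rc;
}

/* Hardened: the pointer is set to NULL right after the first free. */
int copy_safe(const char *input) {
    char *buff = t_malloc(16);
    if (buff == NULL) return -1;
    int rc = 0;
    if (strlen(input) >= 16) {
        rc = -1;
        t_free(buff);
        buff = NULL;             /* cleanup below now calls t_free(NULL) */
    } else {
        strcpy(buff, input);
    }
    t_free(buff);
    return rc;
}
```

With the real free() in place of the shim, the second call in copy_unsafe would hand an already-released block back to the allocator, which is the corruption described at the top of this page.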
