I have been getting "*** glibc detected *** free(): invalid next size (fast)" errors in my application that has to create dynamic path names and couldn't figure it out.
Finally I did a Google search and found the solution here: http://www.eskimo.com/~scs/cclass/int/sx7.html
Guess what I had done? malloc()d the string to use one less character than needed like this:
escapedURL = malloc (strlen (URL));
This is CORRECT:
escapedURL = malloc (strlen (URL) + 1);
Because C strings end with a '\0' character.