glibc detected ./.a.out: free(): invalid pointer

typedef struct _PERSON
{
        size_t age;
        unsigned char* name;
}PERSON;

int init(PERSON** person)
{
        (* person) = (PERSON *) malloc(sizeof(struct _PERSON));
        (* person)->age = 1;
        (* person)->name = (unsigned char *) malloc(sizeof(4));
        (* person)->name = "NAME";

        return 0;
}

void close(PERSON** person)
{
        (* person)->age = 0;
        if((* person)->name != NULL)
        {
                free((* person)->name);
        }

        if((* person) != NULL)
        {
                free((* person));
        }
}

int main(int argc, char* argv[])
{
        PERSON* p;

        init(&p);

        printf("%d\t%s\n", (int) p->age, p->name);

        close(&p);

        return 0;
}

1       NAME
*** glibc detected *** ./a.out: free(): invalid pointer: 0x000000000040079c ***
======= Backtrace: =========
/lib/libc.so.6(+0x774b6)[0x7fa9027054b6]
/lib/libc.so.6(cfree+0x73)[0x7fa90270bc83]
./a.out(clo开发者_StackOverflow中文版se+0x3d)[0x400651]
./a.out[0x40069f]
/lib/libc.so.6(__libc_start_main+0xfe)[0x7fa9026acd8e]
./a.out[0x4004f9]

...

7fa8fc000000-7fa8fc021000 rw-p 00000000 00:00 0
7fa8fc021000-7fa900000000 ---p 00000000 00:00 0
7fa902478000-7fa90248d000 r-xp 00000000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90248d000-7fa90268c000 ---p 00015000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268c000-7fa90268d000 r--p 00014000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268d000-7fa90268e000 rw-p 00015000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268e000-7fa902808000 r-xp 00000000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902808000-7fa902a07000 ---p 0017a000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a07000-7fa902a0b000 r--p 00179000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a0b000-7fa902a0c000 rw-p 0017d000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a0c000-7fa902a11000 rw-p 00000000 00:00 0
7fa902a11000-7fa902a31000 r-xp 00000000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c25000-7fa902c28000 rw-p 00000000 00:00 0
7fa902c2e000-7fa902c31000 rw-p 00000000 00:00 0
7fa902c31000-7fa902c32000 r--p 00020000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c32000-7fa902c33000 rw-p 00021000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c33000-7fa902c34000 rw-p 00000000 00:00 0
7fff442d5000-7fff442f6000 rw-p 00000000 00:00 0                          [stack]
7fff44308000-7fff44309000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted

(* person)->name = (unsigned char ) malloc(sizeof(4)); (* person)->name = "NAME"

Here you request the memory and then lose the pointer to that memory. (You point it to "NAME" which wasn't allocated by malloc.) That's why when you try to free the pointer you get an error.

The problem is in this statement ( *person)->name = "NAME";. This does not copy the string "NAME" to variable name. Instead it makes name point to to another memory location(not the one malloc by you). If you try to free this memory you will get undefined behavior. You need to use strcpy (or strncpy) to copy the string into variable name. Currently you are doing malloc(sizeof(4)), which is not correct. Remember that you need to allocate no.of characters + 1 characters for strings to accomodate the NULL character at the end, currently you have allocated only 4 chars which is not sufficient, you need to allocate memory for 5 chars. So you need to do malloc(sizeof(char)*5).

Also take a look at calloc: calloc

Allows you to allocate n members of a stated size. Perhaps it helps thinking about the problem.