diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c
index 1a6d1493291c7ed2d816687d92d100b78c972137..4044eb2af921ffee684e70c2cb849a06af72e454 100644
--- a/src/malloc/malloc.c
+++ b/src/malloc/malloc.c
@@ -418,6 +418,9 @@ void *realloc(void *p, size_t n)
 
 	next = NEXT_CHUNK(self);
 
+	/* Crash on corrupted footer (likely from buffer overflow) */
+	if (next->psize != self->csize) a_crash();
+
 	/* Merge adjacent chunks if we need more space. This is not
 	 * a waste of time even if we fail to get enough space, because our
 	 * subsequent call to free would otherwise have to do the merge. */
@@ -471,6 +474,9 @@ void free(void *p)
 	final_size = new_size = CHUNK_SIZE(self);
 	next = NEXT_CHUNK(self);
 
+	/* Crash on corrupted footer (likely from buffer overflow) */
+	if (next->psize != self->csize) a_crash();
+
 	for (;;) {
 		/* Replace middle of large chunks with fresh zero pages */
 		if (reclaim && (self->psize & next->csize & C_INUSE)) {