tasn pushed a commit to branch efl-1.15.


commit a3cc5810cbc6878e9aa458688d0fb8e397fd4d9e
Author: Youngbok Shin <youngb.s...@samsung.com>
Date:   Thu Aug 27 11:04:57 2015 +0100

    edje: Fix double free scenario caused by static pointer.
    The result of evas_object_textblock_cursor_content_get() API has to be 
    by outside.  _edje_entry_cursor_content_get() is calling free() inside of 
    function for handle the result using static pointer. But, the caller of
    _edje_entry_cursor_content_get() is already handling the result using 
    It can cause double free problem.
    The bigger issue is in elementary. See elm_entry_cursor_content_get() API's
    document. The document advice developers to free the result when it is done.
    Test Plan: N/A
    Reviewers: tasn, raster, woohyun
    Subscribers: cedric
    Differential Revision: https://phab.enlightenment.org/D2991
 src/lib/edje/edje_entry.c | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/src/lib/edje/edje_entry.c b/src/lib/edje/edje_entry.c
index 4a57d56..deeac86 100644
--- a/src/lib/edje/edje_entry.c
+++ b/src/lib/edje/edje_entry.c
@@ -3854,18 +3854,11 @@ _edje_entry_cursor_is_visible_format_get(Edje_Real_Part 
*rp, Edje_Cursor cur)
 char *
 _edje_entry_cursor_content_get(Edje_Real_Part *rp, Edje_Cursor cur)
-   static char *s = NULL;
    Evas_Textblock_Cursor *c = _cursor_get(rp, cur);
    if (!c) return NULL;
-   if (s)
-     {
-        free(s);
-        s = NULL;
-     }
-   s = evas_textblock_cursor_content_get(c);
-   return s;
+   return evas_textblock_cursor_content_get(c);


