tasn pushed a commit to branch efl-1.15. http://git.enlightenment.org/core/efl.git/commit/?id=a3cc5810cbc6878e9aa458688d0fb8e397fd4d9e
commit a3cc5810cbc6878e9aa458688d0fb8e397fd4d9e Author: Youngbok Shin <youngb.s...@samsung.com> Date: Thu Aug 27 11:04:57 2015 +0100 edje: Fix double free scenario caused by static pointer. Summary: The result of evas_object_textblock_cursor_content_get() API has to be cleaned by outside. _edje_entry_cursor_content_get() is calling free() inside of the function for handle the result using static pointer. But, the caller of _edje_entry_cursor_content_get() is already handling the result using free(). It can cause double free problem. The bigger issue is in elementary. See elm_entry_cursor_content_get() API's document. The document advice developers to free the result when it is done. @fix Test Plan: N/A Reviewers: tasn, raster, woohyun Subscribers: cedric Differential Revision: https://phab.enlightenment.org/D2991 --- src/lib/edje/edje_entry.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/src/lib/edje/edje_entry.c b/src/lib/edje/edje_entry.c index 4a57d56..deeac86 100644 --- a/src/lib/edje/edje_entry.c +++ b/src/lib/edje/edje_entry.c @@ -3854,18 +3854,11 @@ _edje_entry_cursor_is_visible_format_get(Edje_Real_Part *rp, Edje_Cursor cur) char * _edje_entry_cursor_content_get(Edje_Real_Part *rp, Edje_Cursor cur) { - static char *s = NULL; Evas_Textblock_Cursor *c = _cursor_get(rp, cur); if (!c) return NULL; - if (s) - { - free(s); - s = NULL; - } - s = evas_textblock_cursor_content_get(c); - return s; + return evas_textblock_cursor_content_get(c); } void --
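Review bot: the new `return evas_textblock_cursor_content_get(c);` in _edje_entry_cursor_content_get() hands the caller a heap string that it must free(), but nothing in the hunk documents that ownership. Any caller written against the old static-pointer behaviour, one that never freed the result, will now leak instead of relying on the next call to release it. Add a comment above the function stating that the returned string is owned by the caller and must be released with free(), and check each call site for exactly one matching free(). The commit message names evas_object_textblock_cursor_content_get(), while the code calls evas_textblock_cursor_content_get(); correcting the message would make the referenced contract unambiguous. With the test plan listed as N/A, a regression test that calls the getter twice, frees both results and runs under a memory checker would cover the double-free path removed here.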