From f757fe5ccf2f0e42c89b08144f02b1840b97debb Mon Sep 17 00:00:00 2001 From: Mike Blumenkrantz Date: Wed, 24 Feb 2016 11:52:56 -0500 Subject: [PATCH] edje: unset animator pointer after free in _edje_file_del() this function may be called repeatedly with no other animator created in between, leading to invalid object access @fix --- src/lib/edje/edje_load.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lib/edje/edje_load.c b/src/lib/edje/edje_load.c index c431ac40ca..be94d784df 100644 --- a/src/lib/edje/edje_load.c +++ b/src/lib/edje/edje_load.c @@ -1720,6 +1720,7 @@ _edje_file_del(Edje *ed) _edje_animators = eina_list_remove(_edje_animators, ed); eo_do(ed->obj, eo_event_callback_del(EFL_CORE_ANIMATOR_EVENT_ANIMATOR_TICK, _edje_timer_cb, ed)); ecore_animator_del(ed->animator); + ed->animator = NULL; if (ed->pending_actions) {