edje: Edje_Edit - fix segfault on copying state of IMAGE part with twins

Summary:
The copying of state of IMAGE part with twins caused the sefmentation fault due to the extra memory freing in _edje_edit_part_state_copy() that is deleted with this commit.
The data that is freed was previously copied from the structure of state 'from' and freeing of this data leads to freeing data of 'from' part.
Later, on copying of tweens to 'to' state array of tweens appears segmentation fault because we try to access freed data of 'from' state.

@fix

Reviewers: cedric, Hermet, raster, seoz

Subscribers: cedric, reutskiy.v.v

Differential Revision: https://phab.enlightenment.org/D1636

Signed-off-by: Cedric BAIL <cedric@osg.samsung.com>

1 files changed, 0 insertions, 6 deletions

diff --git a/src/lib/edje/edje_edit.c b/src/lib/edje/edje_edit.c
index b7247acd3b..5b952b06f8 100644
--- a/src/lib/edje/edje_edit.c
+++ b/src/lib/edje/edje_edit.c
@@ -5085,12 +5085,6 @@ _edje_edit_part_state_copy(Evas_Object *obj, const char *part, const char *part_
 
 	   img_to->image = img_from->image;
 
-	   /* Update pointers. */
-	   for (i = 0; i < img_to->image.tweens_count; ++i)
-	     free(img_to->image.tweens[i]);
-	   if (img_to->image.tweens_count > 0)
-		free(img_to->image.tweens);
-
 	   img_to->image.tweens_count = img_from->image.tweens_count;
 	   img_to->image.tweens = calloc(img_to->image.tweens_count,
 					 sizeof (Edje_Part_Image_Id*));