!12 fix potential memory leak in merge_patch()

From: @XIE-JING-2022 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen

backport-fix-potential-memory-leak-in-merge_patch.patch

@@ -0,0 +1,12 @@
+diff --git a/cJSON_Utils.c b/cJSON_Utils.c
+index c7c6439..63651df 100644
+--- a/cJSON_Utils.c
++++ b/cJSON_Utils.c
+@@ -1367,6 +1367,7 @@ static cJSON *merge_patch(cJSON *target, const cJSON * const patch, const cJSON_
+             replacement = merge_patch(replace_me, patch_child, case_sensitive);
+             if (replacement == NULL)
+             {
++                cJSON_Delete(target);
+                 return NULL;
+             }
+ 

cjson.spec

@@ -1,6 +1,6 @@
 Name:           cjson
 Version:        1.7.15
-Release:        2
+Release:        3
 Summary:        Ultralightweight JSON parser in ANSI C
  
 License:        MIT and ASL 2.0
@@ -8,6 +8,7 @@ URL:            https://github.com/DaveGamble/cJSON
 Source0:        https://github.com/DaveGamble/cJSON/archive/refs/tags/v1.7.15.tar.gz
  
 Patch0001:	backport-CVE-2023-50471_50472.patch
+Patch0002:	backport-fix-potential-memory-leak-in-merge_patch.patch
 
 BuildRequires:  gcc
 BuildRequires:  cmake
@@ -52,6 +53,9 @@ rm -f %{buildroot}%{_libdir}/cmake/cJSON/*.cmake
 %{_includedir}/cjson/
 
 %changelog
+* Tue Mar 05 2024 xiejing <xiejing@kylinos.cn> - 1.7.15-3
+- fix potential memory leak in merge_patch()
+
 * Sun Dec 24 2023 liningjie <liningjie@xfusion.com> - 1.7.15-2
 - Fix CVE-2023-50471 CVE-2023-50472