From a49dc69446ef0adbab127e5fe935b0aa382d98b0 Mon Sep 17 00:00:00 2001
From: Akira TAGOH <tagoh@redhat.com>
Date: Fri, 13 Sep 2013 17:35:18 +0900
Subject: [PATCH] Fix memory leaks in FcFreeTypeQueryFace().

---
 fontconfig-fix-memleak.patch | 69 ++++++++++++++++++++++++++++++++++++
 fontconfig.spec              |  7 +++-
 2 files changed, 75 insertions(+), 1 deletion(-)
 create mode 100644 fontconfig-fix-memleak.patch

diff --git a/fontconfig-fix-memleak.patch b/fontconfig-fix-memleak.patch
new file mode 100644
index 0000000..f7753ea
--- /dev/null
+++ b/fontconfig-fix-memleak.patch
@@ -0,0 +1,69 @@
+From a61e145304da86c8c35b137493bbd8fd5dd1e7f5 Mon Sep 17 00:00:00 2001
+From: Akira TAGOH <akira@tagoh.org>
+Date: Mon, 9 Sep 2013 19:59:31 +0900
+Subject: [PATCH] Fix memory leaks in FcFreeTypeQueryFace
+
+---
+ src/fcfreetype.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/src/fcfreetype.c b/src/fcfreetype.c
+index 02e85cb..e394307 100644
+--- a/src/fcfreetype.c
++++ b/src/fcfreetype.c
+@@ -1105,7 +1105,6 @@ FcFreeTypeQueryFace (const FT_Face  face,
+     const char	    *tmp;
+ 
+     FcChar8	    *hashstr = NULL;
+-    char	    *fontdata = NULL;
+     FT_Error	    err;
+     FT_ULong	    len = 0, alen;
+ 
+@@ -1668,15 +1667,21 @@ FcFreeTypeQueryFace (const FT_Face  face,
+     err = FT_Load_Sfnt_Table (face, 0, 0, NULL, &len);
+     if (err == FT_Err_Ok)
+     {
++	char *fontdata;
++
+ 	alen = (len + 63) & ~63;
+ 	fontdata = malloc (alen);
+ 	if (!fontdata)
+ 	    goto bail3;
+ 	err = FT_Load_Sfnt_Table (face, 0, 0, (FT_Byte *)fontdata, &len);
+ 	if (err != FT_Err_Ok)
++	{
++	    free (fontdata);
+ 	    goto bail3;
++	}
+ 	memset (&fontdata[len], 0, alen - len);
+ 	hashstr = FcHashGetSHA256DigestFromMemory (fontdata, len);
++	free (fontdata);
+     }
+     else if (err == FT_Err_Invalid_Face_Handle)
+     {
+@@ -1692,7 +1697,11 @@ FcFreeTypeQueryFace (const FT_Face  face,
+     if (hashstr)
+     {
+ 	if (!FcPatternAddString (pat, FC_HASH, hashstr))
++	{
++	    free (hashstr);
+ 	    goto bail1;
++	}
++	free (hashstr);
+     }
+ bail3:
+ 
+@@ -1783,10 +1792,6 @@ bail3:
+ bail2:
+     FcCharSetDestroy (cs);
+ bail1:
+-    if (hashstr)
+-	free (hashstr);
+-    if (fontdata)
+-	free (fontdata);
+     FcPatternDestroy (pat);
+ bail0:
+     return NULL;
+-- 
+1.8.3.1
+
diff --git a/fontconfig.spec b/fontconfig.spec
index fe99682..11857d3 100644
--- a/fontconfig.spec
+++ b/fontconfig.spec
@@ -3,7 +3,7 @@
 Summary:	Font configuration and customization library
 Name:		fontconfig
 Version:	2.10.95
-Release:	3%{?dist}
+Release:	4%{?dist}
 # src/ftglue.[ch] is in Public Domain
 # src/fccache.c contains Public Domain code
 # fc-case/CaseFolding.txt is in the UCD
@@ -17,6 +17,7 @@ Source1:	25-no-bitmap-fedora.conf
 # https://bugzilla.redhat.com/show_bug.cgi?id=140335
 Patch0:		fontconfig-2.8.0-sleep-less.patch
 Patch1:		fontconfig-no-dir-when-no-conf.patch
+Patch2:		fontconfig-fix-memleak.patch
 
 BuildRequires:	expat-devel
 BuildRequires:	freetype-devel >= %{freetype_version}
@@ -59,6 +60,7 @@ which is useful for developing applications that uses fontconfig.
 %setup -q
 %patch0 -p1 -b .sleep-less
 %patch1 -p1 -b .nodir
+%patch2 -p1 -b .memleak
 
 %build
 # We don't want to rebuild the docs, but we want to install the included ones.
@@ -135,6 +137,9 @@ fi
 %doc fontconfig-devel.txt fontconfig-devel
 
 %changelog
+* Fri Sep 13 2013 Akira TAGOH <tagoh@redhat.com> - 2.10.95-4
+- Fix memory leaks in FcFreeTypeQueryFace().
+
 * Mon Sep  2 2013 Akira TAGOH <tagoh@redhat.com> - 2.10.95-3
 - Do not create a directory for migration when no old config file and directory.
   (#1003495)