File icu-CVE-2020-21913.patch of Package icu

diff -Nura icu/source/tools/pkgdata/pkgdata.cpp icu_new/source/tools/pkgdata/pkgdata.cpp
--- icu/source/tools/pkgdata/pkgdata.cpp	2022-08-21 00:26:47.002995872 +0800
+++ icu_new/source/tools/pkgdata/pkgdata.cpp	2022-08-21 18:59:02.758075184 +0800
@@ -48,6 +48,8 @@
 # include <unistd.h>
 #endif
 
+using icu::LocalMemory;
+
 #include <stdio.h>
 #include <stdlib.h>
 
@@ -1366,9 +1368,7 @@
 
 static int32_t pkg_createWithAssemblyCode(const char *targetDir, const char mode, const char *gencFilePath) {
     char tempObjectFile[SMALL_BUFFER_MAX_SIZE] = "";
-    char *cmd;
     int32_t result = 0;
-
     int32_t length = 0;
 
     /* Remove the ending .s and replace it with .o for the new object file. */
@@ -1378,22 +1378,22 @@
     length = uprv_strlen(pkgDataFlags[COMPILER]) + uprv_strlen(pkgDataFlags[LIBFLAGS])
                     + uprv_strlen(tempObjectFile) + uprv_strlen(gencFilePath) + BUFFER_PADDING_SIZE;
 
-    cmd = (char *)uprv_malloc(sizeof(char) * length);
-    if (cmd == NULL) {
+    LocalMemory<char> cmd((char *)uprv_malloc(sizeof(char) * length));
+    if (cmd.isNull()) {
         return -1;
     }
 
     /* Generate the object file. */
-    sprintf(cmd, "%s %s -o %s %s",
+    sprintf(cmd.getAlias(), "%s %s -o %s %s",
             pkgDataFlags[COMPILER],
             pkgDataFlags[LIBFLAGS],
             tempObjectFile,
             gencFilePath);
 
-    result = runCommand(cmd);
-    uprv_free(cmd);
+    result = runCommand(cmd.getAlias());
+
     if (result != 0) {
-        fprintf(stderr, "Error creating with assembly code. Failed command: %s\n", cmd);
+        fprintf(stderr, "Error creating with assembly code. Failed command: %s\n", cmd.getAlias());
         return result;
     }