From c4fcad23b1438aa6ad19f518503f861b9e3815e1 Mon Sep 17 00:00:00 2001
From: Dan Sinclair
Date: Wed, 4 Jan 2017 13:27:51 -0500
Subject: [libtiff] Fixup unitialized access issue

This CL initializes the raw tif data to guard against unitialized memory access.
BUG=chromium:677377
Change-Id: If272fafacd996c2e93a41fb6e477661dc0c5492c
Reviewed-on: https://pdfium-review.googlesource.com/2150
Reviewed-by: Tom Sepez
Commit-Queue: dsinclair
---
 third_party/libtiff/tif_read.c | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'third_party/libtiff/tif_read.c')
diff --git a/third_party/libtiff/tif_read.c b/third_party/libtiff/tif_read.c
index 5cb419bd41..548b1f5ea6 100644
--- a/third_party/libtiff/tif_read.c
+++ b/third_party/libtiff/tif_read.c
@@ -936,6 +936,9 @@ TIFFReadBufferSetup(TIFF* tif, void* bp, tmsize_t size)
 return (0);
 }
 tif->tif_rawdata = (uint8*) _TIFFmalloc(tif->tif_rawdatasize);
+ if (tif->tif_rawdata)
+ memset(tif->tif_rawdata, 0, tif->tif_rawdatasize);
+
 tif->tif_flags |= TIFF_MYBUFFER;
 }
 if (tif->tif_rawdata == NULL) {
--
cgit v1.2.3
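Review bot: The added `memset` in TIFFReadBufferSetup carries no comment explaining why a freshly allocated raw buffer must be zeroed, and because this is a local patch to vendored libtiff the reason is easy to lose on the next upstream sync; I would add `/* Zero the raw buffer so bytes not overwritten by a later read are never consumed uninitialized (chromium:677377). */` above the `if`. Zero-filling makes the decoder's input deterministic, but it does not detect a read that fills less than `tif_rawdatasize`, so the length checks in the code that fills `tif_rawdata` (outside this hunk) remain the real guard. If the vendored libtiff version provides `_TIFFcalloc`, `tif->tif_rawdata = (uint8*) _TIFFcalloc(1, tif->tif_rawdatasize);` would do the allocation and the zeroing in one call. The function body starts and ends outside the hunk, so other places that allocate or grow `tif_rawdata` could not be checked from here.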