From fe45d45c01b6f3f1a84efcdf362449cdc7643dca Mon Sep 17 00:00:00 2001
From: cherry530 <xuping33@huawei.com>
Date: Fri, 25 Feb 2022 17:40:30 +0800
Subject: [PATCH] fix use of uninitialized value of makernotes.cpp and
 misc_parsers.cpp

Signed-off-by: cherry530 <xuping33@huawei.com>
(cherry picked from commit c00f3c5de508e12205a25899c64930b45b137dcb)
---
 LibRaw.spec                                         |  7 ++++++-
 fix-use-of-uninitialized-value-in-makernotes.patch  | 12 ++++++++++++
 ...use-of-uninitialized-value-in-misc_parsers.patch | 13 +++++++++++++
 3 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 fix-use-of-uninitialized-value-in-makernotes.patch
 create mode 100644 fix-use-of-uninitialized-value-in-misc_parsers.patch

diff --git a/LibRaw.spec b/LibRaw.spec
index 84c0898..4f09a42 100644
--- a/LibRaw.spec
+++ b/LibRaw.spec
@@ -1,6 +1,6 @@
 Name:          LibRaw
 Version:       0.20.2
-Release:       4
+Release:       5
 Summary:       Library for reading RAW files obtained from digital photo cameras
 License:       BSD and (CDDL or LGPLv2)
 URL:           http://www.libraw.org
@@ -8,6 +8,8 @@ Source0:       http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz
 Patch0000:     prevent-buffer-overrun-in-parse_rollei.patch
 Patch0001:     fix-stack-buffer-overflow-in-LibRaw_buffer_datastream_gets.patch
 Patch0002:     fix-use-of-uninitialized-value.patch
+Patch0003:     fix-use-of-uninitialized-value-in-makernotes.patch
+Patch0004:     fix-use-of-uninitialized-value-in-misc_parsers.patch
 BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg)
 BuildRequires: autoconf automake libtool
 Provides:      bundled(dcraw) = 9.25
@@ -68,6 +70,9 @@ rm -rfv samples/.deps samples/.dirstamp samples/*.o
 %exclude %{_docdir}/libraw/*
 
 %changelog
+* Fri Feb 25 2022 xu_ping <xuping33@huawei.com> - 0.20.2-5
+- fix use of uninitialized value of makernotes.cpp and misc_parsers.cpp
+
 * Thu Jun 3 2021 zhangjiapeng <zhangjiapeng9@huawei.com> - 0.20.2-4
 - fix use of uninitialized value
 
diff --git a/fix-use-of-uninitialized-value-in-makernotes.patch b/fix-use-of-uninitialized-value-in-makernotes.patch
new file mode 100644
index 0000000..316e64f
--- /dev/null
+++ b/fix-use-of-uninitialized-value-in-makernotes.patch
@@ -0,0 +1,12 @@
+diff --git a/src/metadata/makernotes.cpp b/src/metadata/makernotes.cpp
+index 9433abd..7ae80f5 100644
+--- a/src/metadata/makernotes.cpp
++++ b/src/metadata/makernotes.cpp
+@@ -396,6 +396,7 @@ void LibRaw::parse_makernote(int base, int uptag)
+     is_Sony = 1;
+   }
+ 
++  memset(buf, '0', 10);
+   fread(buf, 1, 10, ifp);
+ 
+   if (!strncmp(buf, "KDK", 3)  || /* these aren't TIFF tables */
diff --git a/fix-use-of-uninitialized-value-in-misc_parsers.patch b/fix-use-of-uninitialized-value-in-misc_parsers.patch
new file mode 100644
index 0000000..662f4a9
--- /dev/null
+++ b/fix-use-of-uninitialized-value-in-misc_parsers.patch
@@ -0,0 +1,13 @@
+diff --git a/src/metadata/misc_parsers.cpp b/src/metadata/misc_parsers.cpp
+index 7a74c9f..9a2d83d 100644
+--- a/src/metadata/misc_parsers.cpp
++++ b/src/metadata/misc_parsers.cpp
+@@ -299,6 +299,8 @@ void LibRaw::parse_rollei()
+ 
+   fseek(ifp, 0, SEEK_SET);
+   memset(&t, 0, sizeof t);
++  memset(line, '0', 128);
++  val = line;
+   do
+   {
+     line[0] = 0;
-- 
Gitee