libtiff: LERCDecode: zero-initialize output buffer if failure

From b8d67338a48c745864114d324323409c0a41a10a Mon Sep 17 00:00:00 2001
From: Even Rouault <[EMAIL REDACTED]>
Date: Sun, 26 May 2024 19:53:44 +0200
Subject: [PATCH] LERCDecode: zero-initialize output buffer if failure

---
 libtiff/tif_lerc.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libtiff/tif_lerc.c b/libtiff/tif_lerc.c
index d9d8d334..d57b1d25 100644
--- a/libtiff/tif_lerc.c
+++ b/libtiff/tif_lerc.c
@@ -754,6 +754,7 @@ static int LERCDecode(TIFF *tif, uint8_t *op, tmsize_t occ, uint16_t s)
 
     if (sp->uncompressed_buffer == 0)
     {
+        memset(op, 0, (size_t)occ);
         TIFFErrorExtR(tif, module, "Uncompressed buffer not allocated");
         return 0;
     }
@@ -761,6 +762,7 @@ static int LERCDecode(TIFF *tif, uint8_t *op, tmsize_t occ, uint16_t s)
     if ((uint64_t)sp->uncompressed_offset + (uint64_t)occ >
         sp->uncompressed_size)
     {
+        memset(op, 0, (size_t)occ);
         TIFFErrorExtR(tif, module, "Too many bytes read");
         return 0;
     }