libtiff: LZWDecode: zero-initialize (not-yet-written parts of) output buffer if failure

From a455f07aa04eda534f7b9180fe592ad4ec5e8935 Mon Sep 17 00:00:00 2001
From: Even Rouault <[EMAIL REDACTED]>
Date: Sun, 26 May 2024 19:48:23 +0200
Subject: [PATCH] LZWDecode: zero-initialize (not-yet-written parts of) output
 buffer if failure

---
 libtiff/tif_lzw.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
index 05ac8aa1..4baf78e5 100644
--- a/libtiff/tif_lzw.c
+++ b/libtiff/tif_lzw.c
@@ -417,6 +417,7 @@ static int LZWDecode(TIFF *tif, uint8_t *op0, tmsize_t occ0, uint16_t s)
 
     if (sp->read_error)
     {
+        memset(op, 0, (size_t)occ);
         TIFFErrorExtR(tif, module,
                       "LZWDecode: Scanline %" PRIu32 " cannot be read due to "
                       "previous error",
@@ -731,6 +732,7 @@ static int LZWDecode(TIFF *tif, uint8_t *op0, tmsize_t occ0, uint16_t s)
 
     if (occ > 0)
     {
+        memset(op, 0, (size_t)occ);
         TIFFErrorExtR(tif, module,
                       "Not enough data at scanline %" PRIu32 " (short %" PRIu64
                       " bytes)",
@@ -740,12 +742,14 @@ static int LZWDecode(TIFF *tif, uint8_t *op0, tmsize_t occ0, uint16_t s)
     return (1);
 
 no_eoi:
+    memset(op, 0, (size_t)occ);
     sp->read_error = 1;
     TIFFErrorExtR(tif, module,
                   "LZWDecode: Strip %" PRIu32 " not terminated with EOI code",
                   tif->tif_curstrip);
     return 0;
 error_code:
+    memset(op, 0, (size_t)occ);
     sp->read_error = 1;
     TIFFErrorExtR(tif, tif->tif_name, "Using code not yet in table");
     return 0;