libtiff: ZSTDDecode: zero-initialize (not-yet-written parts of) output buffer if failure

From ffdae44185cb54446cc83f89a4647df3a6e9d38a Mon Sep 17 00:00:00 2001
From: Even Rouault <[EMAIL REDACTED]>
Date: Sun, 26 May 2024 19:59:57 +0200
Subject: [PATCH] ZSTDDecode: zero-initialize (not-yet-written parts of) output
 buffer if failure

---
 libtiff/tif_zstd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libtiff/tif_zstd.c b/libtiff/tif_zstd.c
index 5aaf4c44..fc73ce9c 100644
--- a/libtiff/tif_zstd.c
+++ b/libtiff/tif_zstd.c
@@ -146,6 +146,7 @@ static int ZSTDDecode(TIFF *tif, uint8_t *op, tmsize_t occ, uint16_t s)
         zstd_ret = ZSTD_decompressStream(sp->dstream, &out_buffer, &in_buffer);
         if (ZSTD_isError(zstd_ret))
         {
+            memset(op + out_buffer.pos, 0, out_buffer.size - out_buffer.pos);
             TIFFErrorExtR(tif, module, "Error in ZSTD_decompressStream(): %s",
                           ZSTD_getErrorName(zstd_ret));
             return 0;
@@ -155,6 +156,7 @@ static int ZSTDDecode(TIFF *tif, uint8_t *op, tmsize_t occ, uint16_t s)
 
     if (out_buffer.pos < (size_t)occ)
     {
+        memset(op + out_buffer.pos, 0, out_buffer.size - out_buffer.pos);
         TIFFErrorExtR(tif, module,
                       "Not enough data at scanline %lu (short %lu bytes)",
                       (unsigned long)tif->tif_row,