[libpng16] Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.

ANNOUNCE

@@ -86,6 +86,7 @@ Version 1.6.32beta11 [August 6, 2017]
   Make pngtest --strict, --relax, --xfail options imply -m (multiple).
   Removed unused chunk_name parameter from png_check_chunk_length().
   Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak.
+  Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

CHANGES

@@ -5969,6 +5969,7 @@ Version 1.6.32beta11 [August 6, 2017]
   Make pngtest --strict, --relax, --xfail options imply -m (multiple).
   Removed unused chunk_name parameter from png_check_chunk_length().
   Relocated setting free_me for eXIf data, to stop an OSS-fuzz leak.
+  Initialize profile_header[] in png_handle_iCCP() to fix OSS-fuzz issue.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

pngrutil.c

@@ -1434,7 +1434,7 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length)
 
             if (png_inflate_claim(png_ptr, png_iCCP) == Z_OK)
             {
-               Byte profile_header[132];
+               Byte profile_header[132]={0};
                Byte local_buffer[PNG_INFLATE_BUF_SIZE];
                png_alloc_size_t size = (sizeof profile_header);