Description: Ensure the MakerNote data pointers are initialized with NULL (CVE-2020-13113)
 This ensures that an uninitialized pointer isn't dereferenced later in the 
 case where the number of components (and therefore size) is 0.
 .
 This fixes the second issue reported at https://sourceforge.net/p/libexif/bugs/125/
Origin: commit:ec412aa4583ad71ecabb967d3c77162760169d1f
Author: Dan Fandrich <dan@coneharvesters.com>
Last-Update: 2020-05-23

---

--- a/libexif/canon/exif-mnote-data-canon.c
+++ b/libexif/canon/exif-mnote-data-canon.c
@@ -236,6 +236,7 @@
 	for (i = c, o = datao; i; --i, o += 12) {
 		size_t s;
 
+		memset(&n->entries[tcount], 0, sizeof(MnoteCanonEntry));
 		if (CHECKOVERFLOW(o,buf_size,12)) {
 			exif_log (ne->log, EXIF_LOG_CODE_CORRUPT_DATA,
 				"ExifMnoteCanon", "Short MakerNote");
--- a/libexif/fuji/exif-mnote-data-fuji.c
+++ b/libexif/fuji/exif-mnote-data-fuji.c
@@ -198,6 +198,7 @@
 	for (i = c, o = datao; i; --i, o += 12) {
 		size_t s;
 
+		memset(&n->entries[tcount], 0, sizeof(MnoteFujiEntry));
 		if (CHECKOVERFLOW(o, buf_size, 12)) {
 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
 				  "ExifMnoteDataFuji", "Short MakerNote");
--- a/libexif/olympus/exif-mnote-data-olympus.c
+++ b/libexif/olympus/exif-mnote-data-olympus.c
@@ -433,6 +433,8 @@
 	tcount = 0;
 	for (i = c, o = o2; i; --i, o += 12) {
 		size_t s;
+
+		memset(&n->entries[tcount], 0, sizeof(MnoteOlympusEntry));
 		if (CHECKOVERFLOW(o, buf_size, 12)) {
 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
 				  "ExifMnoteOlympus", "Short MakerNote");
--- a/libexif/pentax/exif-mnote-data-pentax.c
+++ b/libexif/pentax/exif-mnote-data-pentax.c
@@ -280,6 +280,7 @@
 	for (i = c, o = datao; i; --i, o += 12) {
 		size_t s;
 
+		memset(&n->entries[tcount], 0, sizeof(MnotePentaxEntry));
 		if (CHECKOVERFLOW(o,buf_size,12)) {
 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
 				  "ExifMnoteDataPentax", "Short MakerNote");