diff --git a/LibRaw.spec b/LibRaw.spec
index 766c3a25ce4c0378e0d549d820020aebdf47ae43..84c0898e277eecddf5cef9b33b697397041ad90b 100644
--- a/LibRaw.spec
+++ b/LibRaw.spec
@@ -1,12 +1,13 @@
 Name:          LibRaw
 Version:       0.20.2
-Release:       3
+Release:       4
 Summary:       Library for reading RAW files obtained from digital photo cameras
 License:       BSD and (CDDL or LGPLv2)
 URL:           http://www.libraw.org
 Source0:       http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz
 Patch0000:     prevent-buffer-overrun-in-parse_rollei.patch
 Patch0001:     fix-stack-buffer-overflow-in-LibRaw_buffer_datastream_gets.patch
+Patch0002:     fix-use-of-uninitialized-value.patch
 BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg)
 BuildRequires: autoconf automake libtool
 Provides:      bundled(dcraw) = 9.25
@@ -67,6 +68,9 @@ rm -rfv samples/.deps samples/.dirstamp samples/*.o
 %exclude %{_docdir}/libraw/*
 
 %changelog
+* Thu Jun 3 2021 zhangjiapeng <zhangjiapeng9@huawei.com> - 0.20.2-4
+- fix use of uninitialized value
+
 * Sat Dec 5 2020 leiju <leiju4@huawei.com> - 0.20.2-3
 - modify Patch0001 name to fix patch parse error
 
diff --git a/fix-use-of-uninitialized-value.patch b/fix-use-of-uninitialized-value.patch
new file mode 100644
index 0000000000000000000000000000000000000000..cfa9e859b625627147df871d3f6964a155ac9df3
--- /dev/null
+++ b/fix-use-of-uninitialized-value.patch
@@ -0,0 +1,20 @@
+diff --git a/src/metadata/sony.cpp b/src/metadata/sony.cpp
+index 120340b..2e8dd49 100644
+--- a/src/metadata/sony.cpp
++++ b/src/metadata/sony.cpp
+@@ -1071,6 +1071,7 @@ void LibRaw::parseSonyMakernotes(
+            (len >= 196))
+   {
+     table_buf = (uchar *)malloc(len);
++    memset(table_buf,0,len);
+     fread(table_buf, len, 1, ifp);
+ 
+     lid = 0x01 << 2;
+@@ -1106,6 +1107,7 @@ void LibRaw::parseSonyMakernotes(
+            (len >= 227))
+   {
+     table_buf = (uchar *)malloc(len);
++    memset(table_buf,0,len);
+     fread(table_buf, len, 1, ifp);
+ 
+     lid = 0x0;