diff --git a/fix-memory-uninitialized-in-fuzz-testcase.patch b/fix-memory-uninitialized-in-fuzz-testcase.patch
new file mode 100644
index 0000000000000000000000000000000000000000..86d728d758e7fa53a917aa26d0bfa8d5a0f2c84c
--- /dev/null
+++ b/fix-memory-uninitialized-in-fuzz-testcase.patch
@@ -0,0 +1,13 @@
+diff --git a/sds.c b/sds.c
+index 49d2096..9d46dc4 100644
+--- a/sds.c
++++ b/sds.c
+@@ -513,7 +513,7 @@ sds sdscatvprintf(sds s, const char *fmt, va_list ap) {
+ } else {
+ buflen = sizeof(staticbuf);
+ }
+-
++ memset(buf, 0, buflen);
+ /* Try with buffers two times bigger every time we fail to
+ * fit the string in the current buffer size. */
+ while(1) {
diff --git a/hiredis.spec b/hiredis.spec
index c5224df8403d32cd9c41279a2be14a8d9944c26c..944d63bb73e196eb5cbe59ac84bd946aa53a878e 100644
--- a/hiredis.spec
+++ b/hiredis.spec
@@ -1,6 +1,6 @@
 Name: hiredis
 Version: 1.0.2
-Release: 2
+Release: 3
 Summary: A minimalistic C client library for the Redis database
 License: BSD
 URL: https://github.com/redis/hiredis
@@ -8,6 +8,7 @@ Source0: https://github.com/redis/hiredis/archive/refs/tags/v%{version}.t
 BuildRequires: gcc redis
 Patch0001: fix-heap-buffer-overflow-in-redisvFormatCommand.patch
+Patch0002: fix-memory-uninitialized-in-fuzz-testcase.patch
 %description
 Hiredis is a minimalistic C client library for the Redis database.
@@ -60,6 +61,9 @@ make check || true
 %{_libdir}/pkgconfig/hiredis.pc
 %changelog
+* Fri Dec 16 2022 xu_ping - 1.0.2-3
+- fix memory uninitialized in fuzz testcase
+
 * Tue May 24 2022 loong_C - 1.0.2-2
 - fix spec changelog date
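Review bot: In the sds.c hunk carried by fix-memory-uninitialized-in-fuzz-testcase.patch, the added `memset(buf, 0, buflen);` runs once before `while(1)`, so it only initializes the buffer chosen up front. The comment directly below says the loop retries with buffers twice as big; if a retry allocates a fresh buffer (the loop body is outside the hunk, so this is inferred), that replacement is not zeroed and the same uninitialized read could presumably recur, with stale stack or heap bytes ending up in the returned string. Placing the initialization at the top of the loop body would cover every iteration, and if the goal is only a valid empty string when formatting writes nothing, `buf[0] = '\0';` may be enough and avoids clearing the whole buffer on every call. The line also needs a why-comment, for example `/* keep buf a valid C string even if formatting writes nothing (fuzz finding) */`, since the patch records no upstream reference or reproducer. `sdscatvprintf` starts and ends outside the hunk.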