Fix more issues found by fuzzer

src/bmffimage.cpp

@@ -303,8 +303,8 @@ namespace Exiv2
                 std::string id;
                 // Check that the string has a '\0' terminator.
                 const char* str = data.c_str(skip);
-                const auto maxlen = static_cast<size_t>(data.size() - skip);
-                enforce(strnlen(str, maxlen) < maxlen, Exiv2::kerCorruptedMetadata);
+                const size_t maxlen = data.size() - skip;
+                enforce(maxlen > 0 && strnlen(str, maxlen) < maxlen, Exiv2::kerCorruptedMetadata);
                 std::string name(str);
                 if (name.find("Exif") != std::string::npos) {  // "Exif" or "ExifExif"
                     exifID_ = ID;

src/pngimage.cpp

@@ -701,14 +701,15 @@ namespace Exiv2 {
             } else if (!strcmp(szChunk, "tEXt") || !strcmp(szChunk, "zTXt") || !strcmp(szChunk, "iTXt") ||
                        !strcmp(szChunk, "iCCP")) {
                 DataBuf key = PngChunk::keyTXTChunk(chunkBuf, true);
-                if (compare("Raw profile type exif", key, 21) ||
+                if (key.empty() == false && (
+                    compare("Raw profile type exif", key, 21) ||
                     compare("Raw profile type APP1", key, 21) ||
                     compare("Raw profile type iptc", key, 21) ||
                     compare("Raw profile type xmp",  key, 20) ||
                     compare("XML:com.adobe.xmp",     key, 17) ||
                     compare("icc",                   key,  3) || // see test/data/imagemagick.png
                     compare("ICC",                   key,  3) ||
-                    compare("Description",           key, 11))
+                    compare("Description",           key, 11)))
                 {
 #ifdef EXIV2_DEBUG_MESSAGES
                     std::cout << "Exiv2::PngImage::doWriteMetadata: strip " << szChunk