Initialize the stack buffer used to build the auxiliary vector to zero to

avoid leaking the contents of the kernel stack into userspace.

ok guenther@, deraadt@

1 files changed, 2 insertions, 1 deletions

diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c
index 643a2165885..8ab7a0ebd50 100644
--- a/sys/kern/exec_elf.c
+++ b/sys/kern/exec_elf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: exec_elf.c,v 1.139 2017/03/05 00:45:30 guenther Exp $	*/
+/*	$OpenBSD: exec_elf.c,v 1.140 2017/03/20 00:05:21 kettenis Exp $	*/
 
 /*
  * Copyright (c) 1996 Per Fogelstrom
@@ -802,6 +802,7 @@ exec_elf_fixup(struct proc *p, struct exec_package *epp)
 	 * linked binaries
 	 */
 	if (error == 0) {
+		memset(&ai, 0, sizeof ai);
 		a = ai;
 
 		a->au_id = AUX_phdr;