Bug 1318012 - SandboxBrokerCommon::SendWithFd sends uninitialised stack-allocated data out of process. r=jld@mozilla.com.

security/sandbox/linux/broker/SandboxBrokerCommon.cpp

@@ -12,6 +12,7 @@
 #include <sys/socket.h>
 #include <sys/types.h>
 #include <unistd.h>
+#include <string.h>
 
 #ifndef MSG_CMSG_CLOEXEC
 #ifdef XP_LINUX
@@ -99,6 +100,7 @@ SandboxBrokerCommon::SendWithFd(int aFd, const iovec* aIO, size_t aNumIO,
   msg.msg_iovlen = aNumIO;
 
   char cmsg_buf[CMSG_SPACE(sizeof(int))];
+  memset(cmsg_buf, 0, sizeof(cmsg_buf));
   if (aPassedFd != -1) {
     msg.msg_control = cmsg_buf;
     msg.msg_controllen = sizeof(cmsg_buf);