From 4dcd1e60597c5bd79eab29f49717a13b1b144c8b Mon Sep 17 00:00:00 2001
From: Andrew Kelley <andrew@ziglang.org>
Date: Thu, 17 Dec 2020 20:35:29 -0700
Subject: [PATCH] start code: overwrite AT_RANDOM after we use it

---
 lib/std/start.zig | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/std/start.zig b/lib/std/start.zig
index b6fb7e4dfd..6249a6e1ac 100644
--- a/lib/std/start.zig
+++ b/lib/std/start.zig
@@ -226,11 +226,17 @@ fn posixCallMainAndExit() noreturn {
                         // "The address of sixteen bytes containing a random value."
                         const addr = auxv[i].a_un.a_val;
                         if (addr == 0) break;
-                        const ptr = @intToPtr(*const [16]u8, addr);
+                        const ptr = @intToPtr(*[16]u8, addr);
                         var seed: [32]u8 = undefined;
                         seed[0..16].* = ptr.*;
                         seed[16..].* = ptr.*;
                         tlcsprng.init(seed);
+                        // Overwrite AT_RANDOM after we use it, otherwise our secure
+                        // seed is sitting in memory ready for some other code in the
+                        // program to reuse, and hence break our security.
+                        // We play nice by refreshing it with fresh random bytes
+                        // rather than clearing it.
+                        std.crypto.random.bytes(ptr);
                         break;
                     },
                     else => continue,