
[CVE-2017-0015] Fix SpreadArgs uninitialized memory

Lei Shi 9 жил өмнө
parent
commit
720bacde5d

+ 1 - 0
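--- a/lib/Runtime/Language/InterpreterStackFrame.cpp
+++ b/lib/Runtime/Language/InterpreterStackFrame.cpp
@@ -6348,6 +6348,7 @@ const byte * InterpreterStackFrame::OP_ProfiledLoopBodyStart(const byte * ip)
                 PROBE_STACK(scriptContext, outArgs.Info.Count * sizeof(Var) + Js::Constants::MinStackDefault); // args + function call
                 outArgsSize = outArgs.Info.Count * sizeof(Var);
                 outArgs.Values = (Var*)_alloca(outArgsSize);
+                ZeroMemory(outArgs.Values, outArgsSize);
             }
             else
             {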
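Review bot: The zero-fill added after the `_alloca` line carries no comment saying why it is required, and the identical unexplained line is added in lib/Runtime/Language/ProfilingHelpers.cpp and lib/Runtime/Library/JavascriptFunction.cpp, so a later maintainer could read it as a removable cost rather than the fix itself. Suggest the same comment on the new line in all three places: `// Spread may leave some of the Info.Count slots unwritten; zero the buffer so no slot is ever read as an uninitialized Var (CVE-2017-0015).` The `else` branch that opens on the last lines of the hunk presumably obtains the same buffer by another route and is outside the hunk, so it is worth confirming that path also yields zero-initialized storage. The enclosing function starts and ends outside the hunk, and the function named in the hunk header may only be the nearest preceding context rather than the function actually being patched.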

+ 1 - 0
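--- a/lib/Runtime/Language/ProfilingHelpers.cpp
+++ b/lib/Runtime/Language/ProfilingHelpers.cpp
@@ -487,6 +487,7 @@ namespace Js
                 PROBE_STACK(scriptContext, outArgs.Info.Count * sizeof(Var) + Js::Constants::MinStackDefault); // args + function call
                 outArgsSize = outArgs.Info.Count * sizeof(Var);
                 outArgs.Values = (Var*)_alloca(outArgsSize);
+                ZeroMemory(outArgs.Values, outArgsSize);
             }
             else
             {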

+ 1 - 0
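--- a/lib/Runtime/Library/JavascriptFunction.cpp
+++ b/lib/Runtime/Library/JavascriptFunction.cpp
@@ -1104,6 +1104,7 @@ namespace Js
             PROBE_STACK(scriptContext, outArgs.Info.Count * sizeof(Var) + Js::Constants::MinStackDefault); // args + function call
             outArgsSize = outArgs.Info.Count * sizeof(Var);
             outArgs.Values = (Var*)_alloca(outArgsSize);
+            ZeroMemory(outArgs.Values, outArgsSize);
         }
         else
         {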