When building the stack guard, it has been traditionally important to have the value start (in memory) with a zero byte to protect the guard value (and the rest of the stack past it) from being read via strcpy, etc. This patch reduces the number of random bytes by one, leaving the leading zero byte.
Created attachment 3933 [details] keep leading zero
I should clarify -- the read-blocking is nice, but the more common reason the leading zero is important is to avoid the guard being written as part of a larger overflow being written out by a str* function, if its value were leaked to an attacker in some other way.
I've applied a cleaner and more efficient patch.