marshall a buffer based on an unknown size. Zero out the sec_desc
buffer to prevent this. This is still not getting proper results for
a registry security descriptor (everything gets ACCESS DENIED), but
at least we aren't blowing out memory now...
(This used to be commit cb370cc28ce361628df137c9aef02739aca062db)