* pinfo.cc (pinfo::init): Define sa_buf as PSECURITY_ATTRIBUTES and

allocate dynamically.
	(pinfo::set_acl): Replace sa_buf by dynamically allocated acl_buf.
	* sec_acl.cc (setacl): Allocate acl dynamically.
	* sec_helper.cc (sec_acl): Add test for alignment of acl when
	DEBUGGING is defined.
	(__sec_user): Same for sa_buf.
	* security.cc (verify_token): Define sd_buf as PSECURITY_DESCRIPTOR
	and allocate dynamically.
	(alloc_sd): Allocate acl dynamically.
	security.h (sec_user_nih): Change first parameter to
	SECURITY_ATTRIBUTES *.
	(sec_user): Ditto.
	* sigproc.cc (wait_sig): Define sa_buf as PSECURITY_ATTRIBUTES and
	allocate dynamically.
	* syscalls.cc (seteuid32): Define dacl_buf as PACL and allocate
	dynamically.
	* uinfo.cc (cygheap_user::init): Define sa_buf as PSECURITY_ATTRIBUTES
	and allocate dynamically.
	* winbase.h (ilockincr): Mark first argument of inline assembly as
	earlyclobber.
	(ilockdecr): Ditto.

winsup/cygwin/sec_helper.cc

@@ -489,6 +489,10 @@ sec_acl (PACL acl, bool original, bool admins, PSID sid1, PSID sid2, DWORD acces
   LPVOID pAce;
   cygpsid psid;
 
+#ifdef DEBUGGING
+  if ((unsigned long) acl % 4)
+    api_fatal ("Incorrectly aligned incoming ACL buffer!");
+#endif
   if (!InitializeAcl (acl, acl_len, ACL_REVISION))
     {
       debug_printf ("InitializeAcl %E");
@@ -531,7 +535,12 @@ __sec_user (PVOID sa_buf, PSID sid1, PSID sid2, DWORD access2, BOOL inherit)
 			     ((char *) sa_buf + sizeof (*psa));
   PACL acl = (PACL) ((char *) sa_buf + sizeof (*psa) + sizeof (*psd));
 
-  if (!wincap.has_security () || !sec_acl (acl, true, true, sid1, sid2, access2))
+#ifdef DEBUGGING
+  if ((unsigned long) sa_buf % 4)
+    api_fatal ("Incorrectly aligned incoming SA buffer!");
+#endif
+  if (!wincap.has_security ()
+      || !sec_acl (acl, true, true, sid1, sid2, access2))
     return inherit ? &sec_none : &sec_none_nih;
 
   if (!InitializeSecurityDescriptor (psd, SECURITY_DESCRIPTOR_REVISION))