fix false positives when compiled with msan

Our explicit_bzero successfully confused clang -fsanitize-memory
in to thinking that memset is never called to initialise memory.
Ensure that it is called in a way that the compiler recognises.

openbsd-compat/explicit_bzero.c

@@ -7,6 +7,8 @@
 
 #include "includes.h"
 
+#include <string.h>
+
 /*
  * explicit_bzero - don't let the compiler optimize away bzero
  */
@@ -32,6 +34,17 @@ static void (* volatile ssh_bzero)(void *, size_t) = bzero;
 void
 explicit_bzero(void *p, size_t n)
 {
+	/*
+	 * clang -fsanitize=memory needs to intercept memset-like functions
+	 * to correctly detect memory initialisation. Make sure one is called
+	 * directly since our indirection trick above sucessfully confuses it.
+	 */
+#if defined(__has_feature)
+# if __has_feature(memory_sanitizer)
+	memset(p, 0, n);
+# endif
+#endif
+
 	ssh_bzero(p, n);
 }