diff --git a/ChangeLog b/ChangeLog
index 6b9119c496..a55f95636a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Fri Feb 27 13:57:48 2015  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* io.c (setup_narg): wipe away expanded part of buffer to get rid
+	  of revealing uncleaned data.  reported by Dongkwan Kim <dkay AT
+	  kaist.ac.kr>.
+
 Wed Feb 25 22:25:07 2015  SHIBATA Hiroshi  <shibata.hiroshi@gmail.com>
 
 	* spec/default.mspec: use default configuration file name.
diff --git a/io.c b/io.c
index 015ff6cd5c..5d2f4b63e2 100644
--- a/io.c
+++ b/io.c
@@ -9103,6 +9103,7 @@ setup_narg(ioctl_req_t cmd, VALUE *argp, int io_p)
 	    /* expand for data + sentinel. */
 	    if (slen < len+1) {
 		rb_str_resize(arg, len+1);
+		MEMZERO(RSTRING_PTR(arg)+slen, char, len-slen);
 		slen = len+1;
 	    }
 	    /* a little sanity check here */