Depending on stack values being correctly and deterministically
overwritten was a bit too optimistic, to be honest. This new logic uses
a value on the heap.
Dr. POSIX says:
Although the space used by string is no longer used once a new
string which defines name is passed to putenv(), if any thread in
the application has used getenv() to retrieve a pointer to this
variable, it should not be freed by calling free(). If the changed
environment variable is one known by the system (such as the locale
environment variables) the application should never free the buffer
used by earlier calls to putenv() for the same variable.
Applications _should_ not free the data passed to `putenv`, but they
_could_ in practice. I found that our Quake II port misbehaves in this
way, but does not crash on other platforms because glibc/musl `putenv`
does not assume that environment variables are correctly formatted.
The new behavior ignores environment variables without a '=' present,
and prevents excessively reading beyond the variable's name if the data
pointed to by the environment entry does not contain any null bytes.
With this change, our Quake II port no longer crashes when switching
from fullscreen to windowed mode.