Kernel: Wrap much of sys$execve() in a block scope

Since we don't return normally from this function, let's make it a
little extra difficult to accidentally leak something by leaving it on
the stack in this function.

Kernel/Syscalls/execve.cpp

@@ -838,8 +838,14 @@ ErrorOr<FlatPtr> Process::sys$execve(Userspace<const Syscall::SC_execve_params*>
     VERIFY_PROCESS_BIG_LOCK_ACQUIRED(this);
     TRY(require_promise(Pledge::exec));
 
+    Thread* new_main_thread = nullptr;
+    u32 prev_flags = 0;
+
     // NOTE: Be extremely careful with allocating any kernel memory in this function.
     //       On success, the kernel stack will be lost.
+    //       The explicit block scope below is specifically placed to minimize the number
+    //       of stack locals in this function.
+    {
         auto params = TRY(copy_typed_from_user(user_params));
 
         if (params.arguments.length > ARG_MAX || params.environment.length > ARG_MAX)
@@ -870,9 +876,8 @@ ErrorOr<FlatPtr> Process::sys$execve(Userspace<const Syscall::SC_execve_params*>
         NonnullOwnPtrVector<KString> environment;
         TRY(copy_user_strings(params.environment, environment));
 
-    Thread* new_main_thread = nullptr;
-    u32 prev_flags = 0;
         TRY(exec(move(path), move(arguments), move(environment), new_main_thread, prev_flags));
+    }
 
     // NOTE: If we're here, the exec has succeeded and we've got a new executable image!
     //       We will not return normally from this function. Instead, the next time we