diff --git a/configure.ac b/configure.ac
index a771822f..bb4c61af 100644
--- a/configure.ac
+++ b/configure.ac
@@ -744,6 +744,7 @@ __sync_lock_release(&_sodium_lock);
 
 dnl Checks for functions and headers
 
+AC_FUNC_ALLOCA
 AS_IF([test "x$EMSCRIPTEN" = "x"],[
   AC_CHECK_FUNCS([arc4random arc4random_buf])
   AC_CHECK_FUNCS([mmap mlock madvise mprotect memset_s explicit_bzero nanosleep])
diff --git a/dist-build/emscripten-symbols.def b/dist-build/emscripten-symbols.def
index 9612c4d4..f14cfdf5 100644
--- a/dist-build/emscripten-symbols.def
+++ b/dist-build/emscripten-symbols.def
@@ -558,5 +558,6 @@ _sodium_runtime_has_sse3 0 0
 _sodium_runtime_has_sse41 0 0
 _sodium_runtime_has_ssse3 0 0
 _sodium_set_misuse_handler 0 0
+_sodium_stackzero 0 0
 _sodium_unpad 1 1
 _sodium_version_string 1 1
diff --git a/src/libsodium/include/sodium/utils.h b/src/libsodium/include/sodium/utils.h
index a4b4a1cf..46eb331c 100644
--- a/src/libsodium/include/sodium/utils.h
+++ b/src/libsodium/include/sodium/utils.h
@@ -21,6 +21,9 @@ extern "C" {
 SODIUM_EXPORT
 void sodium_memzero(void * const pnt, const size_t len);
 
+SODIUM_EXPORT
+void sodium_stackzero(const size_t len);
+
 /*
  * WARNING: sodium_memcmp() must be used to verify if two secret keys
  * are equal, in constant time.
diff --git a/src/libsodium/sodium/utils.c b/src/libsodium/sodium/utils.c
index 2c6d7cdb..b45f2325 100644
--- a/src/libsodium/sodium/utils.c
+++ b/src/libsodium/sodium/utils.c
@@ -21,6 +21,23 @@
 # include <unistd.h>
 #endif
 
+#if HAVE_ALLOCA_H
+# include <alloca.h>
+#elif defined __GNUC__
+# define alloca __builtin_alloca
+#elif defined _AIX
+# define alloca __alloca
+#elif defined _MSC_VER
+# include <malloc.h>
+# define alloca _alloca
+#else
+# include <stddef.h>
+# ifdef  __cplusplus
+extern "C"
+# endif
+void *alloca (size_t);
+#endif
+
 #include "core.h"
 #include "randombytes.h"
 #include "utils.h"
@@ -106,6 +123,17 @@ sodium_memzero(void *const pnt, const size_t len)
 #endif
 }
 
+void
+sodium_stackzero(const size_t len)
+{
+#ifdef HAVE_ALLOCA
+    sodium_memzero(alloca(len), len);
+#elif __STDC_VERSION__ >= 199901L
+    unsigned char fodder[len];
+    sodium_memzero(fodder, len);
+#endif
+}
+
 #ifdef HAVE_WEAK_SYMBOLS
 __attribute__((weak)) void
 _sodium_dummy_symbol_to_prevent_memcmp_lto(const unsigned char *b1,