Ensure that CBB is |CBB_zero|ed before possibly calling |CBB_cleanup|.

Change-Id: Ic1f58f87c67104c8a51af59086a1bb1e5ccb0e5b
Reviewed-on: https://boringssl-review.googlesource.com/13084
Reviewed-by: Adam Langley <alangley@gmail.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <alangley@gmail.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

crypto/pkcs8/p5_pbev2.c

diff --git a/crypto/pkcs8/p5_pbev2.c b/crypto/pkcs8/p5_pbev2.c
index e48191d..ae187ac 100644
--- a/crypto/pkcs8/p5_pbev2.c
+++ b/crypto/pkcs8/p5_pbev2.c
@@ -89,6 +89,9 @@
     return NULL;
   }
 
+  CBB cbb;
+  CBB_zero(&cbb);
+
   /* Generate a random PBKDF2 salt if necessary. This will be parsed back out of
    * the serialized |X509_ALGOR|. */
   X509_ALGOR *ret = NULL;
@@ -109,7 +112,7 @@
   }
 
   /* See RFC 2898, appendix A. */
-  CBB cbb, algorithm, param, kdf, kdf_param, salt_cbb, cipher_cbb, iv_cbb;
+  CBB algorithm, param, kdf, kdf_param, salt_cbb, cipher_cbb, iv_cbb;
   if (!CBB_init(&cbb, 16) ||
       !CBB_add_asn1(&cbb, &algorithm, CBS_ASN1_SEQUENCE) ||
       !OBJ_nid2cbb(&algorithm, NID_pbes2) ||