Change quic::CryptoUtils::GetSSLCapabilities to use ScopedCBB instead of CBB. This can avoid a memleak if SSL_serialize_capabilities fails.
PiperOrigin-RevId: 475863497
diff --git a/quiche/quic/core/crypto/crypto_utils.cc b/quiche/quic/core/crypto/crypto_utils.cc
index 9b33b0b..428edb7 100644
--- a/quiche/quic/core/crypto/crypto_utils.cc
+++ b/quiche/quic/core/crypto/crypto_utils.cc
@@ -776,10 +776,11 @@
bssl::UniquePtr<uint8_t>* capabilities,
size_t* capabilities_len) {
uint8_t* buffer;
- CBB cbb;
+ bssl::ScopedCBB cbb;
- if (!CBB_init(&cbb, 128) || !SSL_serialize_capabilities(ssl, &cbb) ||
- !CBB_finish(&cbb, &buffer, capabilities_len)) {
+ if (!CBB_init(cbb.get(), 128) ||
+ !SSL_serialize_capabilities(ssl, cbb.get()) ||
+ !CBB_finish(cbb.get(), &buffer, capabilities_len)) {
return false;
}