From e10349ab8dda8a3f11be6aa19f2b6e29fe814044 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Fri, 23 Feb 2018 11:04:39 +0100
Subject: Update NSS to 3.35-RTM

---
 security/nss/lib/pkcs7/p7create.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'security/nss/lib/pkcs7')

diff --git a/security/nss/lib/pkcs7/p7create.c b/security/nss/lib/pkcs7/p7create.c
index 96ada5c0f..a79d5aa26 100644
--- a/security/nss/lib/pkcs7/p7create.c
+++ b/security/nss/lib/pkcs7/p7create.c
@@ -18,7 +18,13 @@
 #include "secder.h"
 #include "secpkcs5.h"
 
-const int NSS_PBE_DEFAULT_ITERATION_COUNT = 2000; /* used in p12e.c too */
+const int NSS_PBE_DEFAULT_ITERATION_COUNT = /* used in p12e.c too */
+#ifdef DEBUG
+    10000
+#else
+    1000000
+#endif
+    ;
 
 static SECStatus
 sec_pkcs7_init_content_info(SEC_PKCS7ContentInfo *cinfo, PLArenaPool *poolp,
-- 
cgit v1.2.3


From f83f62e1bff0c2aedc32e67fe369ba923c5b104a Mon Sep 17 00:00:00 2001
From: JustOff <Off.Just.Off@gmail.com>
Date: Sat, 9 Jun 2018 15:11:22 +0300
Subject: Update NSS to 3.36.4-RTM

---
 security/nss/lib/pkcs7/p7create.c | 2 +-
 security/nss/lib/pkcs7/p7decode.c | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

(limited to 'security/nss/lib/pkcs7')

diff --git a/security/nss/lib/pkcs7/p7create.c b/security/nss/lib/pkcs7/p7create.c
index a79d5aa26..f19330386 100644
--- a/security/nss/lib/pkcs7/p7create.c
+++ b/security/nss/lib/pkcs7/p7create.c
@@ -22,7 +22,7 @@ const int NSS_PBE_DEFAULT_ITERATION_COUNT = /* used in p12e.c too */
 #ifdef DEBUG
     10000
 #else
-    1000000
+    600000
 #endif
     ;
 
diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c
index 658c61e44..4f17b8e84 100644
--- a/security/nss/lib/pkcs7/p7decode.c
+++ b/security/nss/lib/pkcs7/p7decode.c
@@ -560,6 +560,7 @@ sec_pkcs7_decoder_start_decrypt(SEC_PKCS7DecoderContext *p7dcx, int depth,
     return SECSuccess;
 
 no_decryption:
+    PK11_FreeSymKey(bulkkey);
     /*
      * For some reason (error set already, if appropriate), we cannot
      * decrypt the content.  I am not sure what exactly is the right
@@ -1031,6 +1032,11 @@ SECStatus
 SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
                        const char *buf, unsigned long len)
 {
+    if (!p7dcx) {
+        PORT_SetError(SEC_ERROR_INVALID_ARGS);
+        return SECFailure;
+    }
+
     if (p7dcx->cinfo != NULL && p7dcx->dcx != NULL) {
         PORT_Assert(p7dcx->error == 0);
         if (p7dcx->error == 0) {
-- 
cgit v1.2.3