diff options
author | Moonchild <moonchild@palemoon.org> | 2022-07-03 11:30:19 +0000 |
---|---|---|
committer | Moonchild <moonchild@palemoon.org> | 2022-07-03 11:30:19 +0000 |
commit | 438c04383f16dd54f75e7ff4b715152c96f8aa6f (patch) | |
tree | 4bacede19183ec1f75cfd2926b6a10d9da3669ff /security | |
parent | c830a5f49790266d3ebee99698b00ef3dfedbb3a (diff) | |
download | uxp-438c04383f16dd54f75e7ff4b715152c96f8aa6f.tar.gz |
Update NSS to 3.52.7
Diffstat (limited to 'security')
-rw-r--r-- | security/nss/coreconf/coreconf.dep | 1 | ||||
-rw-r--r-- | security/nss/lib/nss/nss.h | 4 | ||||
-rw-r--r-- | security/nss/lib/softoken/legacydb/lginit.c | 7 | ||||
-rw-r--r-- | security/nss/lib/softoken/softkver.h | 4 | ||||
-rw-r--r-- | security/nss/lib/util/nssutil.h | 4 | ||||
-rw-r--r-- | security/nss/lib/util/secasn1d.c | 15 |
6 files changed, 20 insertions, 15 deletions
diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep index 590d1bfaee..5182f75552 100644 --- a/security/nss/coreconf/coreconf.dep +++ b/security/nss/coreconf/coreconf.dep @@ -10,4 +10,3 @@ */ #error "Do not include this header file." - diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index 609a69f2ef..47e8ddafd8 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -22,10 +22,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define NSS_VERSION "3.52.6" _NSS_CUSTOMIZED +#define NSS_VERSION "3.52.7" _NSS_CUSTOMIZED #define NSS_VMAJOR 3 #define NSS_VMINOR 52 -#define NSS_VPATCH 6 +#define NSS_VPATCH 7 #define NSS_VBUILD 0 #define NSS_BETA PR_FALSE diff --git a/security/nss/lib/softoken/legacydb/lginit.c b/security/nss/lib/softoken/legacydb/lginit.c index d3b4ff32fe..3cd4d8ea03 100644 --- a/security/nss/lib/softoken/legacydb/lginit.c +++ b/security/nss/lib/softoken/legacydb/lginit.c @@ -515,6 +515,7 @@ lg_init(SDB **pSdb, int flags, NSSLOWCERTCertDBHandle *certdbPtr, lgdb_p->hashTable = PL_NewHashTable(64, lg_HashNumber, PL_CompareValues, SECITEM_HashCompare, NULL, 0); if (lgdb_p->hashTable == NULL) { + PR_DestroyLock(lgdb_p->dbLock); goto loser; } @@ -548,12 +549,6 @@ loser: PORT_Free(sdb); } if (lgdb_p) { - if (lgdb_p->dbLock) { - PR_DestroyLock(lgdb_p->dbLock); - } - if (lgdb_p->hashTable) { - PL_HashTableDestroy(lgdb_p->hashTable); - } PORT_Free(lgdb_p); } return error; diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h index e458f77ccc..06d4e82bfd 100644 --- a/security/nss/lib/softoken/softkver.h +++ b/security/nss/lib/softoken/softkver.h @@ -17,10 +17,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define SOFTOKEN_VERSION "3.52.6" SOFTOKEN_ECC_STRING +#define SOFTOKEN_VERSION "3.52.7" SOFTOKEN_ECC_STRING #define SOFTOKEN_VMAJOR 3 #define SOFTOKEN_VMINOR 52 -#define SOFTOKEN_VPATCH 6 +#define SOFTOKEN_VPATCH 7 #define SOFTOKEN_VBUILD 0 #define SOFTOKEN_BETA PR_FALSE diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h index c8ff5eac2c..6267f4234a 100644 --- a/security/nss/lib/util/nssutil.h +++ b/security/nss/lib/util/nssutil.h @@ -19,10 +19,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]" */ -#define NSSUTIL_VERSION "3.52.6" +#define NSSUTIL_VERSION "3.52.7" #define NSSUTIL_VMAJOR 3 #define NSSUTIL_VMINOR 52 -#define NSSUTIL_VPATCH 6 +#define NSSUTIL_VPATCH 7 #define NSSUTIL_VBUILD 0 #define NSSUTIL_BETA PR_FALSE diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c index 14d460a173..c564115364 100644 --- a/security/nss/lib/util/secasn1d.c +++ b/security/nss/lib/util/secasn1d.c @@ -1114,7 +1114,7 @@ sec_asn1d_prepare_for_contents(sec_asn1d_state *state) * inspection, too) then move this code into the switch statement * below under cases SET_OF and SEQUENCE_OF; it will be cleaner. */ - PORT_Assert(state->underlying_kind == SEC_ASN1_SET_OF || state->underlying_kind == SEC_ASN1_SEQUENCE_OF || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF | SEC_ASN1_DYNAMIC) || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF | SEC_ASN1_DYNAMIC)); + PORT_Assert(state->underlying_kind == SEC_ASN1_SET_OF || state->underlying_kind == SEC_ASN1_SEQUENCE_OF || state->underlying_kind == (SEC_ASN1_SET_OF | SEC_ASN1_DYNAMIC) || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF | SEC_ASN1_DYNAMIC)); if (state->contents_length != 0 || state->indefinite) { const SEC_ASN1Template *subt; @@ -2463,7 +2463,18 @@ sec_asn1d_parse_end_of_contents(sec_asn1d_state *state, if (state->pending == 0) { state->place = afterEndOfContents; - state->endofcontents = PR_TRUE; + /* These end-of-contents octets either terminate a SEQUENCE, a GROUP, + * or a constructed string. The SEQUENCE case is unique in that the + * state parses its own end-of-contents octets and therefore should not + * have its `endofcontents` flag set. We identify the SEQUENCE case by + * checking whether the child state's template is pointing at a + * template terminator (see `sec_asn1d_next_in_sequence`). + */ + if (state->child && state->child->theTemplate->kind == 0) { + state->endofcontents = PR_FALSE; + } else { + state->endofcontents = PR_TRUE; + } } return len; |