--- /dev/null
+signed-off-by: Ryan Sleevi <ryan.sleevi@gmail.com>
+Upstream-Status: Backport
+reference:https://hg.mozilla.org/projects/nss/rev/e79a09364b5e
+
+--- a/nss/lib/ssl/ssl3con.c
++++ b/nss/lib/ssl/ssl3con.c
+@@ -781,6 +781,11 @@ static SECStatus
+ Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
+ const unsigned char *input, int inputLen)
+ {
++ if (inputLen > maxOutputLen) {
++ *outputLen = 0; /* Match PK11_CipherOp in setting outputLen */
++ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
++ return SECFailure;
++ }
+ *outputLen = inputLen;
+ if (input != output)
+ PORT_Memcpy(output, input, inputLen);
file://nss-no-rpath-for-cross-compiling.patch \
file://nss-fix-incorrect-shebang-of-perl.patch \
file://nss-3.15.1-fix-CVE-2013-1741.patch \
+ file://nss-3.15.1-fix-CVE-2013-5605.patch \
"
SRC_URI_append_class-target = "\
file://nss.pc.in \
projects / scm / bb / tizen-distro.git / commitdiff