The nvlist_move_nvpair() function can fail in two cases, if:

• the nvlist error is set, or
• the nvlist case ignore flag is not set and there is attend to add element with duplicated name.

In both cases the nvlist_move_nvpair() function free nvpair structure.
If library will try to unpack a binary blob which contains duplicated
names it will end up with using memory after free.

To prevent that, the nvlist_move_nvpair() function interface is changed
to report about failure and checks are added to the nvpair_xunpack()
function.

Discovered thanks to the american fuzzy lop.

Approved by: pjd (mentor)