Fix for bug 492385 . Stop crash freeing named CRL entry on shudown. r=nelson

1 files changed, 9 insertions, 0 deletions

diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c
index 04927aa31..1cf407098 100644
--- a/security/nss/lib/certdb/crl.c
+++ b/security/nss/lib/certdb/crl.c
@@ -3136,6 +3136,7 @@ static SECStatus addCRLToCache(CERTCertDBHandle* dbhandle, SECItem* crl,
         rv = SECFailure;
         /* no need to keep unused CRL around */
         SECITEM_ZfreeItem(entry->crl, PR_TRUE);
+        entry->crl = NULL;
     }
     return rv;
 }
@@ -3206,6 +3207,10 @@ SECStatus cert_CacheCRLByGeneralName(CERTCertDBHandle* dbhandle, SECItem* crl,
             if (!removed)
             {
                 rv = SECFailure;
+		/* leak old entry since we couldn't remove it from the hash table */
+            }
+            else
+            {
                 rv2 = NamedCRLCacheEntry_Destroy(oldEntry);
                 PORT_Assert(SECSuccess == rv2);
             }
@@ -3249,7 +3254,11 @@ SECStatus cert_CacheCRLByGeneralName(CERTCertDBHandle* dbhandle, SECItem* crl,
                 PORT_Assert(removed);
                 if (!removed)
                 {
+		    /* leak old entry since we couldn't remove it from the hash table */
                     rv = SECFailure;
+                }
+                else
+                {
                     rv2 = NamedCRLCacheEntry_Destroy(oldEntry);
                     PORT_Assert(SECSuccess == rv2);
                 }