From 1bec9e9707902c6dfe15156e90d821ac2c8873a7 Mon Sep 17 00:00:00 2001
From: "julien.pierre.boogz%sun.com" <devnull@localhost>
Date: Wed, 13 May 2009 22:47:28 +0000
Subject: Fix for bug 492385 . Stop crash freeing named CRL entry on shudown.
 r=nelson

---
 security/nss/lib/certdb/crl.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c
index 04927aa31..1cf407098 100644
--- a/security/nss/lib/certdb/crl.c
+++ b/security/nss/lib/certdb/crl.c
@@ -3136,6 +3136,7 @@ static SECStatus addCRLToCache(CERTCertDBHandle* dbhandle, SECItem* crl,
         rv = SECFailure;
         /* no need to keep unused CRL around */
         SECITEM_ZfreeItem(entry->crl, PR_TRUE);
+        entry->crl = NULL;
     }
     return rv;
 }
@@ -3206,6 +3207,10 @@ SECStatus cert_CacheCRLByGeneralName(CERTCertDBHandle* dbhandle, SECItem* crl,
             if (!removed)
             {
                 rv = SECFailure;
+		/* leak old entry since we couldn't remove it from the hash table */
+            }
+            else
+            {
                 rv2 = NamedCRLCacheEntry_Destroy(oldEntry);
                 PORT_Assert(SECSuccess == rv2);
             }
@@ -3249,7 +3254,11 @@ SECStatus cert_CacheCRLByGeneralName(CERTCertDBHandle* dbhandle, SECItem* crl,
                 PORT_Assert(removed);
                 if (!removed)
                 {
+		    /* leak old entry since we couldn't remove it from the hash table */
                     rv = SECFailure;
+                }
+                else
+                {
                     rv2 = NamedCRLCacheEntry_Destroy(oldEntry);
                     PORT_Assert(SECSuccess == rv2);
                 }
-- 
cgit v1.2.1