summaryrefslogtreecommitdiffstats
path: root/chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c
diff options
context:
space:
mode:
Diffstat (limited to 'chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c')
-rw-r--r--chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c b/chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c
index 39168b96cc9..3f3edb11946 100644
--- a/chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c
+++ b/chromium/third_party/nss/nss/lib/pk11wrap/pk11cert.c
@@ -981,8 +981,15 @@ PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
* CERTCertificate, and finish
*/
nssPKIObject_AddInstance(&c->object, certobj);
+ /* nssTrustDomain_AddCertsToCache may release a reference to 'c' and
+ * replace 'c' by a different value. So we add a reference to 'c' to
+ * prevent 'c' from being destroyed. */
+ nssCertificate_AddRef(c);
nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
+ /* XXX should we pass the original value of 'c' to
+ * STAN_ForceCERTCertificateUpdate? */
(void)STAN_ForceCERTCertificateUpdate(c);
+ nssCertificate_Destroy(c);
SECITEM_FreeItem(keyID,PR_TRUE);
return SECSuccess;
loser:
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-07 13:22:09 +0000