diff --git a/security/certverifier/CertVerifier.cpp b/security/certverifier/CertVerifier.cpp
index e7290884b5b3..3068ef51a834 100644
--- a/security/certverifier/CertVerifier.cpp
+++ b/security/certverifier/CertVerifier.cpp
@@ -429,10 +429,11 @@ CertVerifier::VerifySSLServerCert(CERTCertificate* peerCert,
     return SECFailure;
   }
 
+  ScopedCERTCertList builtChainTemp;
   // CreateCertErrorRunnable assumes that CERT_VerifyCertName is only called
   // if VerifyCert succeeded.
   SECStatus rv = VerifyCert(peerCert, certificateUsageSSLServer, time, pinarg,
-                            hostname, 0, stapledOCSPResponse, builtChain,
+                            hostname, 0, stapledOCSPResponse, &builtChainTemp,
                             evOidPolicy);
   if (rv != SECSuccess) {
     return rv;
@@ -443,8 +444,12 @@ CertVerifier::VerifySSLServerCert(CERTCertificate* peerCert,
     return rv;
   }
 
-  if (saveIntermediatesInPermanentDatabase && builtChain) {
-    SaveIntermediateCerts(*builtChain);
+  if (saveIntermediatesInPermanentDatabase) {
+    SaveIntermediateCerts(builtChainTemp);
+  }
+
+  if (builtChain) {
+    *builtChain = builtChainTemp.forget();
   }
 
   return SECSuccess;