From d4df5484a3a59d110ad9f206a976a73f5ef4ff0c Mon Sep 17 00:00:00 2001
From: "nelson%bolyard.com" <nelson%bolyard.com>
Date: Sun, 1 Oct 2006 05:37:24 +0000
Subject: [PATCH] Bug 354313. Fix leak in STAN_GetCERTCertificateName.
 r=julien,rrelyea

---
 security/nss/lib/pki/pki3hack.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c
index 5971b6caf508..a27e83860b18 100644
--- a/security/nss/lib/pki/pki3hack.c
+++ b/security/nss/lib/pki/pki3hack.c
@@ -35,7 +35,7 @@
  * ***** END LICENSE BLOCK ***** */
 
 #ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile: pki3hack.c,v $ $Revision: 1.90 $ $Date: 2006/08/30 17:57:20 $";
+static const char CVS_ID[] = "@(#) $RCSfile: pki3hack.c,v $ $Revision: 1.91 $ $Date: 2006/10/01 05:37:24 $";
 #endif /* DEBUG */
 
 /*
@@ -706,8 +706,13 @@ STAN_GetCERTCertificateNameForInstance (
 char * 
 STAN_GetCERTCertificateName(PLArenaPool *arenaOpt, NSSCertificate *c)
 {
+    char * result;
     nssCryptokiInstance *instance = get_cert_instance(c);
-    return STAN_GetCERTCertificateNameForInstance(arenaOpt, c, instance);
+    /* It's OK to call this function, even if instance is NULL */
+    result = STAN_GetCERTCertificateNameForInstance(arenaOpt, c, instance);
+    if (instance)
+	nssCryptokiObject_Destroy(instance);
+    return result;
 }
 
 static void