The CRL cache inserts CRLs into an issuer hash table. The key value (DER subject of the issuer) was not being copied. This could cause the CRL not to be found or the program to crash if the memory was freed. The later happened to me on windows. Patch to follow.
Created attachment 98655 [details] [diff] [review] patch to copy the DER subject before inserting an issuer into the hash table
Checking in certi.h; /cvsroot/mozilla/security/nss/lib/certdb/certi.h,v <-- certi.h new revision: 1.5; previous revision: 1.4 done Checking in crl.c; /cvsroot/mozilla/security/nss/lib/certdb/crl.c,v <-- crl.c new revision: 1.23; previous revision: 1.22 done