diff -u -1 -5 -r1.112 nsNSSCertificate.cpp
--- mozilla/security/manager/ssl/src/nsNSSCertificate.cpp	1 Jun 2005 18:30:36 -0000	1.112
+++ mozilla/security/manager/ssl/src/nsNSSCertificate.cpp	3 Jan 2006 14:26:47 -0000
@@ -848,33 +848,36 @@
       if (NS_SUCCEEDED(rv))
         aTokenName = tok;
     }
   }
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsNSSCertificate::GetRawDER(PRUint32 *aLength, PRUint8 **aArray)
 {
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
     return NS_ERROR_NOT_AVAILABLE;
 
   if (mCert) {
-    *aArray = (PRUint8 *)mCert->derCert.data;
-    *aLength = mCert->derCert.len;
-    return NS_OK;
+    *aArray = (PRUint8*)nsMemory::Alloc(mCert->derCert.len);
+    if (*aArray) {
+      memcpy(*aArray, mCert->derCert.data, mCert->derCert.len);
+      *aLength = mCert->derCert.len;
+      return NS_OK;
+    }
   }
   *aLength = 0;
   return NS_ERROR_FAILURE;
 }
 
 CERTCertificate *
 nsNSSCertificate::GetCert()
 {
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
     return nsnull;
 
   return (mCert) ? CERT_DupCertificate(mCert) : nsnull;
 }
 
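Review bot: The failure exits of `GetRawDER` leave `*aArray` unset when `mCert` is null (and on the shutdown early return), so a caller that ignores the result and later frees the pointer acts on whatever it held before the call; add `*aArray = nsnull;` next to `*aLength = 0;`. An allocation failure is also reported as `NS_ERROR_FAILURE`, where `NS_ERROR_OUT_OF_MEMORY` would let callers tell it apart from a missing certificate. The buffer now belongs to the caller, so the method deserves a comment such as `// Returns a copy of the DER encoding; the caller must release it with nsMemory::Free.` Any caller not touched by this patch will otherwise leak the copy.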
diff -u -1 -5 -r1.17 nsNSSCertificateDB.cpp
--- mozilla/security/manager/ssl/src/nsNSSCertificateDB.cpp	26 Sep 2005 22:43:22 -0000	1.17
+++ mozilla/security/manager/ssl/src/nsNSSCertificateDB.cpp	3 Jan 2006 14:26:48 -0000
@@ -339,30 +339,34 @@
  
   SECItem der;
   rv=certToShow->GetRawDER(&der.len, (PRUint8 **)&der.data);
 
   if (NS_FAILED(rv))
     return rv;
 
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Creating temp cert\n"));
   CERTCertificate *tmpCert;
   CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
   tmpCert = CERT_FindCertByDERCert(certdb, &der);
   if (!tmpCert) {
     tmpCert = CERT_NewTempCertificate(certdb, &der,
                                       nsnull, PR_FALSE, PR_TRUE);
   }
+  nsMemory::Free(der.data);
+  der.data = nsnull;
+  der.len = 0;
+  
   if (!tmpCert) {
     NS_ERROR("Couldn't create cert from DER blob\n");
     return NS_ERROR_FAILURE;
   }
 
   CERTCertificateCleaner tmpCertCleaner(tmpCert);
 
   if (!CERT_IsCACert(tmpCert, NULL)) {
     // Should pop up an error dialog.
     return NS_ERROR_FAILURE;
   }
 
   if (tmpCert->isperm) {
     nsPSMUITracker tracker;
     if (!tracker.isUIForbidden()) {
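Review bot: Freeing `der.data` right after the lookup is safe only because `CERT_NewTempCertificate` is called with its last argument (copyDER) set to `PR_TRUE`, so NSS keeps its own copy of the encoding, and nothing near the free says so. A comment such as `// NSS copied the DER (copyDER == PR_TRUE), so our buffer can be released.` above `nsMemory::Free(der.data);` would keep a later change to that flag from turning this into a use-after-free. The same free/null/zero triple is repeated in the loop of the next hunk and in the hunk at -1593. A small scoped cleaner in the style of `CERTCertificateCleaner` would keep the three sites from drifting apart. The enclosing function starts and ends outside this hunk.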
@@ -411,30 +415,34 @@
 
   // get all remaining certs into temp store
 
   for (PRUint32 i=0; i<numCerts; i++) {
     if (i == selCertIndex) {
       // we already processed that one
       continue;
     }
 
     certToShow = do_QueryElementAt(x509Certs, i);
     certToShow->GetRawDER(&der.len, (PRUint8 **)&der.data);
 
     CERTCertificate *tmpCert2 = 
       CERT_NewTempCertificate(certdb, &der, nsnull, PR_FALSE, PR_TRUE);
 
+    nsMemory::Free(der.data);
+    der.data = nsnull;
+    der.len = 0;
+
     if (!tmpCert2) {
       NS_ASSERTION(0, "Couldn't create temp cert from DER blob\n");
       continue;  // Let's try to import the rest of 'em
     }
     
     CERT_AddCertToListTail(certList, tmpCert2);
   }
 
   return ImportValidCACertsInList(certList, ctx);
 }
 
 /*
  *  [noscript] void importCertificates(in charPtr data, in unsigned long length,
  *                                     in unsigned long type, 
  *                                     in nsIInterfaceRequestor ctx);
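Review bot: The result of `certToShow->GetRawDER(...)` inside the loop is still ignored, and with this patch the call can also fail on allocation, in which case `CERT_NewTempCertificate` is handed an empty `der`. That is presumably rejected cleanly, but only because `der.data` was nulled after the previous free. Checking the result, `if (NS_FAILED(certToShow->GetRawDER(&der.len, (PRUint8 **)&der.data))) continue;`, makes the skip explicit and does not depend on the state left by the last iteration. The function begins outside this hunk.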
@@ -1593,30 +1601,33 @@
 
   rv = ConstructX509FromBase64(aBase64, getter_AddRefs(newCert));
   NS_ENSURE_SUCCESS(rv, rv);
 
   SECItem der;
   rv = newCert->GetRawDER(&der.len, (PRUint8 **)&der.data);
   NS_ENSURE_SUCCESS(rv, rv);
 
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Creating temp cert\n"));
   CERTCertificate *tmpCert;
   CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
   tmpCert = CERT_FindCertByDERCert(certdb, &der);
   if (!tmpCert) 
     tmpCert = CERT_NewTempCertificate(certdb, &der,
                                       nsnull, PR_FALSE, PR_TRUE);
+  nsMemory::Free(der.data);
+  der.data = nsnull;
+  der.len = 0;
 
   if (!tmpCert) {
     NS_ASSERTION(0,"Couldn't create cert from DER blob\n");
     return NS_ERROR_FAILURE;
   }
 
   if (tmpCert->isperm) {
     CERT_DestroyCertificate(tmpCert);
     return NS_OK;
   }
 
   CERTCertificateCleaner tmpCertCleaner(tmpCert);
 
   nsXPIDLCString nickname;
   nickname.Adopt(CERT_MakeCANickname(tmpCert));
