From 961231ba48be068a8df87638011456c87b1663c5 Mon Sep 17 00:00:00 2001
From: Roland Shoemaker <rolandshoemaker@gmail.com>
Date: Wed, 2 Sep 2015 17:45:19 -0700
Subject: [PATCH] Protect report entries map with mutex to prevent concurrent
 writes causing a bad map state

---
 cmd/cert-checker/main.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/cmd/cert-checker/main.go b/cmd/cert-checker/main.go
index fc9288f13..df9af5285 100644
--- a/cmd/cert-checker/main.go
+++ b/cmd/cert-checker/main.go
@@ -70,8 +70,9 @@ type certChecker struct {
 	pa           core.PolicyAuthority
 	dbMap        *gorp.DbMap
 	certs        chan core.Certificate
-	issuedReport report
 	clock        clock.Clock
+	rMu          *sync.Mutex
+	issuedReport report
 }
 
 func newChecker(saDbMap *gorp.DbMap, paDbMap *gorp.DbMap, enforceWhitelist bool) certChecker {
@@ -82,8 +83,10 @@ func newChecker(saDbMap *gorp.DbMap, paDbMap *gorp.DbMap, enforceWhitelist bool)
 		dbMap: saDbMap,
 		certs: make(chan core.Certificate, batchSize),
 		clock: clock.Default(),
+		rMu:   new(sync.Mutex),
 	}
 	c.issuedReport.Entries = make(map[string]reportEntry)
+
 	return c
 }
 
@@ -130,10 +133,12 @@ func (c *certChecker) processCerts(wg *sync.WaitGroup) {
 	for cert := range c.certs {
 		problems := c.checkCert(cert)
 		valid := len(problems) == 0
+		c.rMu.Lock()
 		c.issuedReport.Entries[cert.Serial] = reportEntry{
 			Valid:    valid,
 			Problems: problems,
 		}
+		c.rMu.Unlock()
 		if !valid {
 			atomic.AddInt64(&c.issuedReport.BadCerts, 1)
 		} else {