From: Matt Caswell Date: Thu, 12 Jun 2014 19:38:45 +0000 (+0100) Subject: Added OPENSSL_assert check as per PR#3377 reported by Rainer Jung --- diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index fb9720f41d..02302a5dbf 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -644,6 +644,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) int i; s->rwstate=SSL_NOTHING; + OPENSSL_assert(s->s3->wnum <= INT_MAX); tot=s->s3->wnum; s->s3->wnum=0; @@ -667,7 +668,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) * buffer ... so we trap and report the error in a way the user * will notice */ - if ( len < tot) + if (len < tot) { SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_BAD_LENGTH); return(-1);