A fantastic way to make a large unsigned number is to assign

a small signed one to it.. Some people on OpenSSL's list
noticed - http://marc.info/?l=openssl-dev&m=139809485525663&w=2

This should fix that, and make sure we don't try to write out insane
amounts of stuff.
ok miod@ tedu@

2 files changed, 4 insertions, 0 deletions

diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
index 5ef25a4059..2a88b14852 100644
--- a/src/lib/libssl/s3_pkt.c
+++ b/src/lib/libssl/s3_pkt.c
@@ -564,6 +564,8 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
                 }
         }
 
+        if (len < tot)
+                len = tot;
         n = (len - tot);
         for (;;) {
                 if (n > s->max_send_fragment)
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
index 5ef25a4059..2a88b14852 100644
--- a/src/lib/libssl/src/ssl/s3_pkt.c
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -564,6 +564,8 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
                 }
         }
 
+        if (len < tot)
+                len = tot;
         n = (len - tot);
         for (;;) {
                 if (n > s->max_send_fragment)