Added OPENSSL_assert check as per PR#3377 reported by Rainer Jung <rainer.jung@kippdata.de>
(Imported from upstream's 955bfbc2686153b50aebb045a42d96e5b026e29c)
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 874665b..a308ead 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -108,6 +108,7 @@
#include <assert.h>
#include <errno.h>
+#include <limits.h>
#include <stdio.h>
#include <openssl/buf.h>
@@ -576,6 +577,7 @@
int i;
s->rwstate=SSL_NOTHING;
+ assert(s->s3->wnum <= INT_MAX);
tot=s->s3->wnum;
s->s3->wnum=0;
@@ -599,7 +601,7 @@
* buffer ... so we trap and report the error in a way the user
* will notice
*/
- if ( len < tot)
+ if (len < tot)
{
OPENSSL_PUT_ERROR(SSL, ssl3_write_bytes, SSL_R_BAD_LENGTH);
return(-1);