Diffstat (limited to 'lib/gnutls_cipher.c')
-rw-r--r-- | lib/gnutls_cipher.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index e930c1de3f..f071710034 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -453,6 +453,14 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
 return GNUTLS_E_INTERNAL_ERROR;
 }
+ if (ciphertext.size < (unsigned) blocksize + hash_size)
+ {
+ _gnutls_record_log
+ ("REC[%x]: Short record length %d < %d + %d (under attack?)\n",
+ session, ciphertext.size, blocksize, hash_size);
+ gnutls_assert ();
+ return GNUTLS_E_DECRYPTION_FAILED;
+ }
 /* actual decryption (inplace) */
@@ -504,9 +512,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
 pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */
- length = ciphertext.size - hash_size - pad;
-
- if (pad > ciphertext.size - hash_size)
+ if ((int)pad > (int)ciphertext.size - hash_size)
 {
 gnutls_assert ();
 /* We do not fail here. We check below for the
@@ -515,6 +521,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
 pad_failed = GNUTLS_E_DECRYPTION_FAILED;
 }
+ length = ciphertext.size - hash_size - pad;
+ /* Check the pading bytes (TLS 1.x) */ if (ver >= GNUTLS_TLS1 && pad_failed == 0) |
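Review bot: The log call in the new short-record branch passes `session` to `%x` and `ciphertext.size` to `%d`, and neither conversion matches its argument: `gnutls_session_t` is a pointer type, and the size is apparently unsigned, since the test above it casts the other operand to `(unsigned)`. A remote peer reaches this branch simply by sending a short record, so the mismatch is undefined behaviour on an attacker-triggered path, most visibly on LP64 targets. I would change the format to `("REC[%p]: Short record length %u < %d + %d (under attack?)\n",` and the first argument to `(void *) session`, assuming `blocksize` and `hash_size` promote to `int`, which the hunk does not show. A one-line comment above the `if` stating why the minimum is `blocksize + hash_size` would also help; the function body begins and ends outside this hunk.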
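Review bot: The rewritten test `if ((int)pad > (int)ciphertext.size - hash_size)` stays signed only if `hash_size` is itself a signed type, and its declaration is outside this hunk. If it is unsigned, the right-hand side converts back to unsigned and the wrap-around that the casts are meant to prevent comes back. An addition form, `if ((unsigned) pad + hash_size > ciphertext.size)`, cannot underflow for a non-negative `hash_size` and needs no narrowing cast of the record size. It also reads the same way as the length check added in the first hunk. Whichever form is kept, a short comment saying that the comparison must not wrap when the record is shorter than the MAC would record why the casts are there.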
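Review bot: The relocated `length = ciphertext.size - hash_size - pad;` is still evaluated when the preceding test has just set `pad_failed`, so on that path `pad` exceeds `ciphertext.size - hash_size` and the result is negative, or a large wrapped value if `length` is unsigned. The declaration of `length` is outside the hunk. Failure is deliberately deferred here, as the "We do not fail here" comment says, so the value remains live for whatever code follows. Unless a clamp already exists further down, which cannot be seen from this hunk, I would add `if (length < 0) length = 0;` directly after the assignment. Failing that, a comment such as `/* may be negative when pad_failed is set; must be clamped before use as a MAC length */` would at least state the invariant.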