Security fixes brought forward from 0.9.7.
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index cf0aee2..d82f137 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -113,6 +113,7 @@
#ifndef OPENSSL_NO_SSL2
#include <stdio.h>
#include <errno.h>
+#include "cryptlib.h"
#define USE_SOCKETS
static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
@@ -247,6 +248,7 @@
else
{
mac_size=EVP_MD_size(s->read_hash);
+ OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
s->s2->mac_data=p;
s->s2->ract_data= &p[mac_size];
if (s->s2->padding + mac_size > s->s2->rlength)
