Fix the array size of dtlsseq in tls1_enc

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16385)

(cherry picked from commit 562d4cd3c35b32f2bc6ac0770b80ce394f8d76a4)

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index e6a8bbd71073927aab99aea5e35d1ffa73568657..f158544789bb5621257421b83698c04b8a20ba1b 100644 (file)
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1039,7 +1039,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending)
 
                 if (SSL_IS_DTLS(s)) {
                     /* DTLS does not support pipelining */
-                    unsigned char dtlsseq[9], *p = dtlsseq;
+                    unsigned char dtlsseq[8], *p = dtlsseq;
 
                     s2n(sending ? DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer) :
                         DTLS_RECORD_LAYER_get_r_epoch(&s->rlayer), p);