In the is_sslv3 case, the header length is recomputed to be large enough. I also note that we've recently added a sanity check to make this explicit, see commit 29b0a15a480626544dd0c803d5de671552544de6 Sorry that we didn't acknowledge your report! Cheers, Emilia