Experimenting with "openssl smime -decrypt", I found that it did not detect that a message was truncated. Changing line 173 of crypto/asn1/a_d2i_fp.c from if (i <= 0) to if (i < want) fixes the problem. I think this is the right code for all cases, but somebody who actually understands the whole ASN parsing framework should probably check it out.
a_d2i_fp.c.diff
Description: Binary data
