Index: gnutls-3.0.3/lib/gnutls_cipher.c
===================================================================
--- gnutls-3.0.3.orig/lib/gnutls_cipher.c
+++ gnutls-3.0.3/lib/gnutls_cipher.c
@@ -559,7 +559,12 @@ ciphertext_to_compressed (gnutls_session
           }
 
       if (length < 0)
-        length = 0;
+      {
+	      /* Setting a proper length to prevent timing differences in
+	       * processing of records with invalid encryption.
+	       */
+	      length = ciphertext->size - tag_size;
+      }
 
       /* Pass the type, version, length and compressed through
        * MAC.