diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 129ed89d970448a84cefd0b3fcff9423f0186917..a6f4db36c00b2a9905212f3fcd680ae353711e48 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -260,6 +260,9 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u)
 
 int ssl2_pending(SSL *s)
 	{
+	/* Unlike ssl2_pending, this one probably works (if read-ahead
+	 * is disabled), but it should be examined
+	 * XXX */
 	return(s->s2->ract_data_length);
 	}
 
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 184d4f47ff3eb0c36a5184d12786963a31b97fd1..b8ffbed64685a73a48e5fe06e75722a35b378775 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -638,10 +638,10 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u)
 		return(NULL);
 	}
 
-/* The problem is that it may not be the correct record type */
 int ssl3_pending(SSL *s)
 	{
-	return(s->s3->rrec.length);
+	/* The problem is that it may not be the correct record type */
+	return(s->s3->rrec.length); /* FIXME */
 	}
 
 int ssl3_new(SSL *s)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index ed2b820984e44ca55049628bb3d5817f5271170e..105bcb2fca8abc8e425230d65d3c2ee37b28e14b 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -576,6 +576,13 @@ int SSL_get_read_ahead(SSL *s)
 
 int SSL_pending(SSL *s)
 	{
+	/* SSL_pending cannot work properly if read-ahead is enabled
+	 * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
+	 * and it is impossible to fix since SSL_pending cannot report
+	 * errors that may be observed while scanning the new data.
+	 * (Note that SSL_pending() is often used as a boolean value,
+	 * so we'd better not return -1.)
+	 */
 	return(s->method->ssl_pending(s));
 	}