diff -up openssl-fips-0.9.8e/CHANGES.padding openssl-fips-0.9.8e/CHANGES
diff -up openssl-fips-0.9.8e/ssl/s3_enc.c.padding openssl-fips-0.9.8e/ssl/s3_enc.c
--- openssl-fips-0.9.8e/ssl/s3_enc.c.padding	2007-03-22 01:39:14.000000000 +0100
+++ openssl-fips-0.9.8e/ssl/s3_enc.c	2012-01-16 10:40:02.146294455 +0100
@@ -480,6 +480,9 @@ int ssl3_enc(SSL *s, int send)
 
 			/* we need to add 'i-1' padding bytes */
 			l+=i;
+			/* the last of these zero bytes will be overwritten
+			 * with the padding length. */
+			memset(&rec->input[rec->length], 0, i);
 			rec->length+=i;
 			rec->input[l-1]=(i-1);
 			}