From 017d2a887f7279453fe29eb8b7a370a12611840a Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Tue, 14 Apr 2009 14:18:16 +0000
Subject: [PATCH] PR: 1838 Submitted by: Robin Seggelmann
 <seggelmann@fh-muenster.de> Approved by: steve@openssl.org

Updated patch from 0.9.8-stable.
---
 ssl/d1_both.c | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 87c8c9306f..8e2058ed33 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -574,30 +574,31 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
 			}
 		}
 
-	frag = dtls1_hm_fragment_new(frag_len);
-	if ( frag == NULL)
-		goto err;
-
-	memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
-
 	if (frag_len)
 		{
+		frag = dtls1_hm_fragment_new(frag_len);
+		if ( frag == NULL)
+			goto err;
+
+		memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+
 		/* read the body of the fragment (header has already been read */
 		i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
 			frag->fragment,frag_len,0);
 		if (i<=0 || (unsigned long)i!=frag_len)
 			goto err;
-		}
 
-	memset(seq64be,0,sizeof(seq64be));
-	seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
-	seq64be[7] = (unsigned char)(msg_hdr->seq);
+		memset(seq64be,0,sizeof(seq64be));
+		seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
+		seq64be[7] = (unsigned char)(msg_hdr->seq);
 
-	item = pitem_new(seq64be, frag);
-	if ( item == NULL)
-		goto err;
+		item = pitem_new(seq64be, frag);
+		if ( item == NULL)
+			goto err;
+
+		pqueue_insert(s->d1->buffered_messages, item);
+		}
 
-	pqueue_insert(s->d1->buffered_messages, item);
 	return DTLS1_HM_FRAGMENT_RETRY;
 
 err:
-- 
2.25.1