diff --git a/src/sniffer.c b/src/sniffer.c
index 73c4ae003..7eb272f87 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -1593,10 +1593,19 @@ static void Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
 static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz,
                                   byte* output)
 {
+    int ivExtra = 0;
+
     Decrypt(ssl, output, input, sz);
     ssl->keys.encryptSz = sz;
-    if (ssl->options.tls1_1 && ssl->specs.cipher_type == block)
-        return output + ssl->specs.block_size;     /* go past TLSv1.1 IV */
+    if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) {
+        output += ssl->specs.block_size;     /* go past TLSv1.1 IV */
+        ivExtra = ssl->specs.block_size;
+    }
+
+    ssl->keys.padSz = ssl->specs.hash_size;
+
+    if (ssl->specs.cipher_type == block)
+        ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1;
     
     return output;
 }
diff --git a/sslSniffer/sslSnifferTest/snifftest.c b/sslSniffer/sslSnifferTest/snifftest.c
index 3f9160902..0febe7317 100755
--- a/sslSniffer/sslSnifferTest/snifftest.c
+++ b/sslSniffer/sslSnifferTest/snifftest.c
@@ -278,7 +278,7 @@ int main(int argc, char** argv)
                 printf("ssl_Decode ret = %d, %s\n", ret, err);
             if (ret > 0) {
                 data[ret] = 0;
-				printf("SSL App Data:%s\n", data);
+				printf("SSL App Data(%d):%s\n", ret, data);
             }
         }
         else if (saveFile)