Description
Describe the bug
When building msquic with the openssl backend, the fuzzer tests fail due to insufficient buffer space.
The problem appears to occur because openssl supports ML-KEM keyshares, and adding those key shares in the client and server hello pushes the size of those TLS records across multiple UDP datagram boundaries. The fuzzer is written with the implicit assumption that each received TLS record fits into a buffer (sized for the maximum datagram payload allowance of 1472 bytes).
Currently this issue is worked around by disabling ML-KEM in tls_openssl.c via a call to SSL_set1_groups_list().
The fuzzer should be updated to allow for the fragmentation of TLS records to handle this, at which point the workaround above can be removed.
Affected OS
- Windows
- Linux
- macOS
- Other (specify below)
Additional OS information
No response
MsQuic version
main
Steps taken to reproduce bug
- Build msquic with -Tls openssl
- Run the fuzzer test suite
Expected behavior
Test should pass.
Actual outcome
Test fails with an assertion indicating that the buffer to which the TLS record is to be written is too short to fit the provided data.
Additional details
No response
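A sketch of the fragmentation the report asks for, added here as an illustration and not taken from the report or from MsQuic's fuzzer: TLS handshake bytes larger than one datagram are split into offset-tagged slices and reassembled. All names, the 32-byte header allowance and the 8-slice cap are assumptions; only the 1472-byte limit comes from the report.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_DATAGRAM_PAYLOAD 1472 /* per-datagram limit quoted in the issue */
#define FRAME_OVERHEAD 32         /* assumed header room; constructed value */
#define MAX_FRAGS 8               /* hypothetical cap for this sketch */
#define ROOM (MAX_DATAGRAM_PAYLOAD - FRAME_OVERHEAD)

typedef struct { size_t offset, length; } fragment_t; /* one slice of the handshake */

/* Split tls_len bytes into datagram-sized slices. Returns the slice count,
 * or 0 when the data would need more than max_frags slices. */
size_t fragment_handshake(size_t tls_len, fragment_t *frags, size_t max_frags)
{
    size_t count = 0;
    for (size_t off = 0; off < tls_len; count++) {
        if (count == max_frags) return 0;          /* refuse instead of overflowing */
        size_t n = tls_len - off < ROOM ? tls_len - off : ROOM;
        frags[count].offset = off;
        frags[count].length = n;
        off += n;
    }
    return count;
}

size_t fragments_needed(size_t tls_len)
{
    fragment_t frags[MAX_FRAGS];
    return fragment_handshake(tls_len, frags, MAX_FRAGS);
}

/* Send a constructed handshake of tls_len bytes through one reusable
 * datagram buffer, reassemble by offset, and report whether it matches. */
int roundtrip_ok(size_t tls_len)
{
    static uint8_t tls[MAX_FRAGS * ROOM], out[MAX_FRAGS * ROOM];
    uint8_t datagram[MAX_DATAGRAM_PAYLOAD];
    fragment_t frags[MAX_FRAGS];
    if (tls_len > sizeof(tls)) return 0;
    for (size_t i = 0; i < tls_len; i++) tls[i] = (uint8_t)(i * 31 + 7);
    memset(out, 0, sizeof(out));
    size_t n = fragment_handshake(tls_len, frags, MAX_FRAGS);
    for (size_t i = 0; i < n; i++) {
        memcpy(datagram + FRAME_OVERHEAD, tls + frags[i].offset, frags[i].length);
        memcpy(out + frags[i].offset, datagram + FRAME_OVERHEAD, frags[i].length);
    }
    return n > 0 && memcmp(out, tls, tls_len) == 0;
}
```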