Bug 1590001 Comment 0 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

The fuzzer found an issue.
Marking this as critical as it appears to be a state machine issue in TLS 1.3 (ssl3con.c:12805), i.e. the state is ssl_ct_application_data and ssl_0rtt_ignore_hrr while not waiting for a client hello (wait_client_hello).

I recommend removing the offending code change https://hg.mozilla.org/projects/nss/rev/bc77cf318f388f55790b99d5f23a9c1f2bd9f900?revcount=10000, i.e. disable TLS 1.3 again until the issue is fixed.

The fuzzer found an issue.
Marking this as critical as it appears to be a state machine issue in TLS 1.3 (`ssl3con.c:12805`), i.e. the state is `ssl_ct_application_data` and `ssl_0rtt_ignore_hrr` while not waiting for a client hello (`wait_client_hello`).

I recommend removing the offending code change https://hg.mozilla.org/projects/nss/rev/bc77cf318f388f55790b99d5f23a9c1f2bd9f900?revcount=10000, i.e. disable TLS 1.3 again until the issue is fixed.

To reproduce, build nss with `./build.sh --fuzz --asan` and run `LD_LIBRARY_PATH=../dist/Debug/lib/ nssfuzz-tls-server testcase`.
