On 05/04/17 19:24, Lysoněk Milan wrote: > Hello, > I'd like to make test for CVE-2016-6309 > https://www.openssl.org/news/secadv/20160926.txt in tlsfuzzer. I tried > combining and sending different lengths (from small lengths to large) of > application data and padding, but I could not trigger this issue on > mentioned OpenSSL 1.1.0a. > > Is there any way, how can I test it and if yes, then how?
Can you reproduce it using the fuzz corpora added in commit 44f206aa9df, or by running the large message test introduced in 84d5549e69? Matt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
