Start some fuzzing test

You can run the tests over the corpus with a "regular" build, then
$ fuzzing/fuzz-input ../fuzzing/IN/*

Or building with fuzzing enabled, and running:
$ CFLAGS="-fsanitize=fuzzer" CC=clang CXX=clang++ meson -Db_lundef=false
$ fuzzing/fuzz-input  ../fuzzing/IN

I have an initial corpus which was generated by running fuzz-input for
a few hours starting with qemu.pkt, which is the first packet sent by
qemu.  Sadly, it only covers 25%... I tried to increase the coverage
manually, see for example tftp-get-blah.pkt, but that's not so simple,
as multiple packets may be required to setup a session etc.

Neverthess, the fuzzing already found a few issues, so it might be
worth to add it in this current form.

fuzzing/ is used by oss-fuzz, for Google fuzzing.
(see documentation if you want to reproduce the build locally)

Signed-off-by: Marc-André Lureau <>
3 jobs for fuzz in 1 minute and 13 seconds (queued for 1 second)