On Dec 20, 2016, at 8:31 PM, Moshe <me@xxxxxxxxxxxxxxx> wrote:
> I've been working on adding Wireshark to Google's oss-fuzz project
What do you mean by "Wireshark"?
There are at least two parts of Wireshark that deal with externally-supplied data and can be fuzz-tested:
1) the libwiretap library, which reads capture files, and has to deal with potentially-malformed file formats;
2) the libwireshark library, which is handed blobs of raw packet data and packet metadata including (but not limited to) the link-layer header type of the packet data - that data usually comes from a capture file read by libwiretap, but it doesn't *have* to.