Google Rolls Out OSS-Fuzz To Help Improve Open-Source Software Safety
Given the rise the past few years of open-source software vulnerabilities in the wild, Google with the Linux Foundation's Core Infrastructure Initiative has established OSS-Fuzz to combine various fuzzing engines (currently libFuzzer) with compiler sanitizers and a distributed environment via ClusterFuzz to offer continuous fuzzing of prominent OSS projects to try to provide better security and stability by catching issues early on and ensuring code-bases are continuously tested against the latest in sanitizers and fuzzers.
OSS-Fuzz has already caught issues with FreeType as an early project they're working with plus have found over 150 bugs in other open-source software projects. Google says there is around four trillion test cases being conducted on a weekly basis. Project maintainers of widely-used and/or critical open-source software projects can apply to be part of OSS-Fuzz testing.
More details via this Google blog post. The continuous fuzzing software is hosted on GitHub.