Google has taken a liking to "fuzzing" so much that they have been working on a fuzzing service with the Core Infrastructure Initiative community for the past few years. They have now announced the beta version of the program, named OSS-Fuzz' to provide security to open source software (OSS). Open source software is the backbone of internet. It is important to keep OSS secured and stable.
Errors like 'buffer over-flow' and 'use-after-free' spread serious threats to open source software. Even experienced developers have trouble getting past such errors. This is where fuzz helps detect errors quickly. Recently various fuzzing engines have been invented and used in chrome browser which has helped in finding vulnerabilities, stability bugs and logical bugs.
The OSS-Fuzz accepts only projects that have global influence at this point of time. If accepted, the problems faced by the project would be reported in 90 days.
Google OSS-Fuzz is focusing on making common software infrastructure stable and secure with 'scalable distribution execution' combining 'modern fuzzing techniques'
The widely used FreeType library has been tested using OSS-Fuzz with good results so far.. Not just that, the beta program has found and solved almost 150 bugs in open source projects as well.