Continuous fuzzing through OSS-fuzz

[AdamKorcz]

Hello,

I have been working on setting up continuous fuzzing for noms through OSS-fuzz.

A draft integration application has been set up here: google/oss-fuzz#5398 including a simple fuzzer to the get things started.

For those unfamiliar with OSS-fuzz: OSS-fuzz is a service offered by Google that provides the necessary resources and infrastructure to run fuzzers continuously for critical open source projects. If bugs are found, reports are sent out to everyone on the mailing list who can then view a more detailed report that includes stack trace and reproducer test case. The service is free and is offered with an implied expectation that bugs are fixed, so that the resources spent on fuzzing noms go towards resolving bugs.
To finish the integration, a maintainers email address is needed on the OSS-fuzz side.

For those unfamiliar with fuzzing: Fuzzing is a way of testing software whereby pseudo-random data is passed to a target application with the goal of finding bugs and vulnerabilities. OSS-fuzz has found thousands of bugs in open source software projects including many golang projects.