As a sub-task, we should also canonicalize the recommendations for file-naming / style, as was discussed on past reviews.

That's a good point - we may also want to come up with what-to-fuzz best practices.  For instance, we could fuzz SOCKS sockets in isolation, which I think we should do...but we could also fuzz an HTTP stream or HttpNetworkTransaction over a SOCKS proxy...  Don't think we want many integrationy tests, but not fuzzing HttpNetworkTransaction, for instance, seems like a mistake.

sgtm

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7

commit db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7
Author: martijn <martijn@martijnc.be>
Date: Wed Oct 26 18:34:09 2016

Add simple HPKP and HSTS header parser fuzzers.

BUG=599523

Review-Url: https://codereview.chromium.org/2448603002
Cr-Commit-Position: refs/heads/master@{#427754}

[modify] https://crrev.com/db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7/net/BUILD.gn
[add] https://crrev.com/db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7/net/data/fuzzer_dictionaries/net_http_security_headers_fuzzer.dict
[add] https://crrev.com/db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7/net/http/http_security_headers_hpkp_fuzzer.cc
[add] https://crrev.com/db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7/net/http/http_security_headers_hpkp_report_only_fuzzer.cc
[add] https://crrev.com/db9ad4ff5423c8c8633cc71c1e6647af7bcf08c7/net/http/http_security_headers_hsts_fuzzer.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/da9407983d1d996042e8f3303035f40f3ae2758b

commit da9407983d1d996042e8f3303035f40f3ae2758b
Author: martijn <martijn@martijnc.be>
Date: Thu Dec 29 01:36:51 2016

Migrate static transport security state fuzzer to LibFuzzer.

BUG=599523

Review-Url: https://codereview.chromium.org/2582323004
Cr-Commit-Position: refs/heads/master@{#440922}

[modify] https://crrev.com/da9407983d1d996042e8f3303035f40f3ae2758b/net/BUILD.gn
[add] https://crrev.com/da9407983d1d996042e8f3303035f40f3ae2758b/net/data/fuzzer_dictionaries/net_http_transport_security_state_fuzzer.dict
[modify] https://crrev.com/da9407983d1d996042e8f3303035f40f3ae2758b/net/http/transport_security_state.h
[add] https://crrev.com/da9407983d1d996042e8f3303035f40f3ae2758b/net/http/transport_security_state_static_fuzzer.cc
[modify] https://crrev.com/da9407983d1d996042e8f3303035f40f3ae2758b/net/http/transport_security_state_unittest.cc

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot