Fuzzing for Security (The Chromium Blog)

I wrote something for Gnumeric that can do fuzzing of xml files
and fuzzing of zip-file members. Search for "zz" here:

http://git.gnome.org/browse/gnumeric/tree/test

A generic fuzzer would normally just damage the zip or xml layers and
thus be a test of the parser. That's fine, but the more interesting
parts to test are those behind the packaging.