add a fuzzer for private key parsing

regress/misc/fuzz-harness/Makefile

@@ -7,7 +7,8 @@ CXXFLAGS=-O2 -g -Wall -Wextra -I ../../.. $(FUZZ_FLAGS)
 LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS)
 LIBS=-lssh -lopenbsd-compat -lcrypto $(FUZZ_LIBS)
 
-TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz sshsigopt_fuzz
+TARGETS=pubkey_fuzz sig_fuzz authopt_fuzz sshsig_fuzz \
+	sshsigopt_fuzz privkey_fuzz
 
 all: $(TARGETS)
 
@@ -29,5 +30,8 @@ sshsig_fuzz: sshsig_fuzz.o
 sshsigopt_fuzz: sshsigopt_fuzz.o
 	$(CXX) -o $@ sshsigopt_fuzz.o ../../../sshsig.o $(LDFLAGS) $(LIBS)
 
+privkey_fuzz: privkey_fuzz.o
+	$(CXX) -o $@ privkey_fuzz.o $(LDFLAGS) $(LIBS)
+
 clean:
 	-rm -f *.o $(TARGETS)

regress/misc/fuzz-harness/privkey_fuzz.cc

@@ -0,0 +1,21 @@
+#include <stddef.h>
+#include <stdio.h>
+#include <stdint.h>
+
+extern "C" {
+
+#include "sshkey.h"
+#include "sshbuf.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+	struct sshkey *k = NULL;
+	struct sshbuf *b = sshbuf_from(data, size);
+	int r = sshkey_private_deserialize(b, &k);
+	if (r == 0) sshkey_free(k);
+	sshbuf_free(b);
+	return 0;
+}
+
+} // extern
+