28 files changed, 187 insertions, 142 deletions

diff --git a/src/libimcv/Makefile.in b/src/libimcv/Makefile.in
index b0b55fbdc..e361f20f6 100644
--- a/src/libimcv/Makefile.in
+++ b/src/libimcv/Makefile.in
@@ -530,6 +530,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -552,6 +553,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/ietf/ietf_attr_installed_packages.c b/src/libimcv/ietf/ietf_attr_installed_packages.c
index 7a870ac40..d8e5b3342 100644
--- a/src/libimcv/ietf/ietf_attr_installed_packages.c
+++ b/src/libimcv/ietf/ietf_attr_installed_packages.c
@@ -179,7 +179,7 @@ METHOD(pa_tnc_attr_t, process, status_t,
 	u_char *pos;
 
 	if (this->offset == 0)
-	{	
+	{
 		if (this->length < IETF_INSTALLED_PACKAGES_MIN_SIZE)
 		{
 			DBG1(DBG_TNC, "insufficient data for %N/%N", pen_names, PEN_IETF,
@@ -291,15 +291,21 @@ METHOD(ietf_attr_installed_packages_t, add, void,
 	this->packages->insert_last(this->packages, entry);
 }
 
-/**
- * Enumerate package filter entries
- */
-static bool package_filter(void *null, package_entry_t **entry, chunk_t *name,
-						   void *i2, chunk_t *version)
+CALLBACK(package_filter, bool,
+	void *null, enumerator_t *orig, va_list args)
 {
-	*name = (*entry)->name;
-	*version = (*entry)->version;
-	return TRUE;
+	package_entry_t *entry;
+	chunk_t *name, *version;
+
+	VA_ARGS_VGET(args, name, version);
+
+	if (orig->enumerate(orig, &entry))
+	{
+		*name = entry->name;
+		*version = entry->version;
+		return TRUE;
+	}
+	return FALSE;
 }
 
 METHOD(ietf_attr_installed_packages_t, create_enumerator, enumerator_t*,
@@ -307,7 +313,7 @@ METHOD(ietf_attr_installed_packages_t, create_enumerator, enumerator_t*,
 {
 	return enumerator_create_filter(
 						this->packages->create_enumerator(this->packages),
-						(void*)package_filter, NULL, NULL);
+						package_filter, NULL, NULL);
 }
 
 METHOD(ietf_attr_installed_packages_t, get_count, uint16_t,
diff --git a/src/libimcv/ietf/ietf_attr_op_status.c b/src/libimcv/ietf/ietf_attr_op_status.c
index f04c89b96..1f813b3c6 100644
--- a/src/libimcv/ietf/ietf_attr_op_status.c
+++ b/src/libimcv/ietf/ietf_attr_op_status.c
@@ -170,6 +170,7 @@ METHOD(pa_tnc_attr_t, process, status_t,
 	chunk_t last_use;
 	uint16_t reserved;
 	struct tm t;
+	char buf[BUF_LEN];
 
 	*offset = 0;
 
@@ -208,7 +209,8 @@ METHOD(pa_tnc_attr_t, process, status_t,
 	*offset = 4;
 
 	/* Conversion from RFC 3339 ASCII string to time_t */
-	if (sscanf(last_use.ptr, "%4d-%2d-%2dT%2d:%2d:%2dZ", &t.tm_year, &t.tm_mon,
+	snprintf(buf, sizeof(buf), "%.*s", (int)last_use.len, last_use.ptr);
+	if (sscanf(buf, "%4d-%2d-%2dT%2d:%2d:%2dZ", &t.tm_year, &t.tm_mon,
 			   &t.tm_mday, &t.tm_hour, &t.tm_min, &t.tm_sec) != 6)
 	{
 		DBG1(DBG_TNC, "invalid last_use time format in IETF operational status");
diff --git a/src/libimcv/ietf/ietf_attr_port_filter.c b/src/libimcv/ietf/ietf_attr_port_filter.c
index 05920fdd8..2f7e4452c 100644
--- a/src/libimcv/ietf/ietf_attr_port_filter.c
+++ b/src/libimcv/ietf/ietf_attr_port_filter.c
@@ -213,24 +213,31 @@ METHOD(ietf_attr_port_filter_t, add_port, void,
 	this->ports->insert_last(this->ports, entry);
 }
 
-/**
- * Enumerate port filter entries
- */
-static bool port_filter(void *null, port_entry_t **entry,
-						bool *blocked, void *i2, uint8_t *protocol, void *i3,
-						uint16_t *port)
+CALLBACK(port_filter, bool,
+	void *null, enumerator_t *orig, va_list args)
 {
-	*blocked = (*entry)->blocked;
-	*protocol = (*entry)->protocol;
-	*port = (*entry)->port;
-	return TRUE;
+	port_entry_t *entry;
+	uint16_t *port;
+	uint8_t *protocol;
+	bool *blocked;
+
+	VA_ARGS_VGET(args, blocked, protocol, port);
+
+	if (orig->enumerate(orig, &entry))
+	{
+		*blocked = entry->blocked;
+		*protocol = entry->protocol;
+		*port = entry->port;
+		return TRUE;
+	}
+	return FALSE;
 }
 
 METHOD(ietf_attr_port_filter_t, create_port_enumerator, enumerator_t*,
 	private_ietf_attr_port_filter_t *this)
 {
 	return enumerator_create_filter(this->ports->create_enumerator(this->ports),
-					(void*)port_filter, NULL, NULL);
+									port_filter, NULL, NULL);
 }
 
 /**
diff --git a/src/libimcv/imc/imc_os_info.c b/src/libimcv/imc/imc_os_info.c
index 3315c209f..cc23bb250 100644
--- a/src/libimcv/imc/imc_os_info.c
+++ b/src/libimcv/imc/imc_os_info.c
@@ -283,23 +283,20 @@ typedef struct {
 
 } package_enumerator_t;
 
-/**
- * Implementation of package_enumerator.destroy.
- */
-static void package_enumerator_destroy(package_enumerator_t *this)
+METHOD(enumerator_t, package_enumerator_destroy, void,
+	package_enumerator_t *this)
 {
 	pclose(this->file);
 	free(this);
 }
 
-/**
- * Implementation of package_enumerator.enumerate
- */
-static bool package_enumerator_enumerate(package_enumerator_t *this, ...)
+METHOD(enumerator_t, package_enumerator_enumerate, bool,
+	package_enumerator_t *this, va_list args)
 {
 	chunk_t *name, *version;
 	u_char *pos;
-	va_list args;
+
+	VA_ARGS_VGET(args, name, version);
 
 	while (TRUE)
 	{
@@ -319,23 +316,16 @@ static bool package_enumerator_enumerate(package_enumerator_t *this, ...)
 		{
 			continue;
 		}
-		va_start(args, this);
-
-		name = va_arg(args, chunk_t*);
 		name->ptr = pos;
 		pos = strchr(pos, '\t');
 		if (!pos)
 		{
-			va_end(args);
 			return FALSE;
 		}
 		name->len = pos++ - name->ptr;
 
-		version = va_arg(args, chunk_t*);
 		version->ptr = pos;
 		version->len = strlen(pos) - 1;
-
-		va_end(args);
 		return TRUE;
 	}
 }
@@ -354,7 +344,7 @@ METHOD(imc_os_info_t, create_package_enumerator, enumerator_t*,
 		return NULL;
 	}
 
-	/* Open a pipe stream for reading the output of the dpkg-query commmand */
+	/* Open a pipe stream for reading the output of the dpkg-query command */
 	file = popen(command, "r");
 	if (!file)
 	{
@@ -362,12 +352,14 @@ METHOD(imc_os_info_t, create_package_enumerator, enumerator_t*,
 		return NULL;
 	}
 
-	/* Create a package enumerator instance */
-	enumerator = malloc_thing(package_enumerator_t);
-	enumerator->public.enumerate = (void*)package_enumerator_enumerate;
-	enumerator->public.destroy = (void*)package_enumerator_destroy;
-	enumerator->file = file;
-
+	INIT(enumerator,
+		.public = {
+			.enumerate = enumerator_enumerate_default,
+			.venumerate = _package_enumerator_enumerate,
+			.destroy = _package_enumerator_destroy,
+		},
+		.file = file,
+	);
 	return (enumerator_t*)enumerator;
 }
 
diff --git a/src/libimcv/imv/imv_agent.c b/src/libimcv/imv/imv_agent.c
index d0508624d..e96faa77e 100644
--- a/src/libimcv/imv/imv_agent.c
+++ b/src/libimcv/imv/imv_agent.c
@@ -626,22 +626,13 @@ typedef struct {
 
 } language_enumerator_t;
 
-/**
- * Implementation of language_enumerator.destroy.
- */
-static void language_enumerator_destroy(language_enumerator_t *this)
-{
-	free(this);
-}
-
-/**
- * Implementation of language_enumerator.enumerate
- */
-static bool language_enumerator_enumerate(language_enumerator_t *this, ...)
+METHOD(enumerator_t, language_enumerator_enumerate, bool,
+	language_enumerator_t *this, va_list args)
 {
 	char *pos, *cur_lang, **lang;
 	TNC_UInt32 len;
-	va_list args;
+
+	VA_ARGS_VGET(args, lang);
 
 	if (!this->lang_len)
 	{
@@ -676,11 +667,7 @@ static bool language_enumerator_enumerate(language_enumerator_t *this, ...)
 	}
 	cur_lang[len] = '\0';
 
-	va_start(args, this);
-	lang = va_arg(args, char**);
 	*lang = cur_lang;
-	va_end(args);
-
 	return TRUE;
 }
 
@@ -689,10 +676,13 @@ METHOD(imv_agent_t, create_language_enumerator, enumerator_t*,
 {
 	language_enumerator_t *e;
 
-	/* Create a language enumerator instance */
-	e = malloc_thing(language_enumerator_t);
-	e->public.enumerate = (void*)language_enumerator_enumerate;
-	e->public.destroy = (void*)language_enumerator_destroy;
+	INIT(e,
+		.public = {
+			.enumerate = enumerator_enumerate_default,
+			.venumerate = _language_enumerator_enumerate,
+			.destroy = (void*)free,
+		},
+	);
 
 	if (!this->get_attribute ||
 		!this->get_attribute(this->id, state->get_connection_id(state),
diff --git a/src/libimcv/ita/ita_attr_settings.c b/src/libimcv/ita/ita_attr_settings.c
index c7c968a26..b0907789e 100644
--- a/src/libimcv/ita/ita_attr_settings.c
+++ b/src/libimcv/ita/ita_attr_settings.c
@@ -262,22 +262,29 @@ METHOD(ita_attr_settings_t, add, void,
 	this->list->insert_last(this->list, entry);
 }
 
-/**
- * Enumerate name/value pairs
- */
-static bool entry_filter(void *null, entry_t **entry, char **name,
-						 void *i2, chunk_t *value)
+CALLBACK(entry_filter, bool,
+	void *null, enumerator_t *orig, va_list args)
 {
-	*name = (*entry)->name;
-	*value = (*entry)->value;
-	return TRUE;
+	entry_t *entry;
+	chunk_t *value;
+	char **name;
+
+	VA_ARGS_VGET(args, name, value);
+
+	while (orig->enumerate(orig, &entry))
+	{
+		*name = entry->name;
+		*value = entry->value;
+		return TRUE;
+	}
+	return FALSE;
 }
 
 METHOD(ita_attr_settings_t, create_enumerator, enumerator_t*,
 	private_ita_attr_settings_t *this)
 {
 	return enumerator_create_filter(this->list->create_enumerator(this->list),
-								   (void*)entry_filter, NULL, NULL);
+									entry_filter, NULL, NULL);
 }
 
 /**
diff --git a/src/libimcv/plugins/imc_attestation/Makefile.in b/src/libimcv/plugins/imc_attestation/Makefile.in
index 0475cee50..d67050f0d 100644
--- a/src/libimcv/plugins/imc_attestation/Makefile.in
+++ b/src/libimcv/plugins/imc_attestation/Makefile.in
@@ -356,6 +356,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -378,6 +379,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imc_hcd/Makefile.in b/src/libimcv/plugins/imc_hcd/Makefile.in
index e2f1dc5fb..981af3964 100644
--- a/src/libimcv/plugins/imc_hcd/Makefile.in
+++ b/src/libimcv/plugins/imc_hcd/Makefile.in
@@ -353,6 +353,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -375,6 +376,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imc_os/Makefile.in b/src/libimcv/plugins/imc_os/Makefile.in
index 0fa0d196b..aa0c49aeb 100644
--- a/src/libimcv/plugins/imc_os/Makefile.in
+++ b/src/libimcv/plugins/imc_os/Makefile.in
@@ -353,6 +353,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -375,6 +376,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imc_scanner/Makefile.in b/src/libimcv/plugins/imc_scanner/Makefile.in
index 1b776b2c1..63b43154c 100644
--- a/src/libimcv/plugins/imc_scanner/Makefile.in
+++ b/src/libimcv/plugins/imc_scanner/Makefile.in
@@ -354,6 +354,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -376,6 +377,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imc_scanner/imc_scanner.c b/src/libimcv/plugins/imc_scanner/imc_scanner.c
index bf2479cf5..93ed4271b 100644
--- a/src/libimcv/plugins/imc_scanner/imc_scanner.c
+++ b/src/libimcv/plugins/imc_scanner/imc_scanner.c
@@ -116,7 +116,7 @@ static bool do_netstat(ietf_attr_port_filter_t *attr)
 	const char loopback_v4[] = "127.0.0.1";
 	const char loopback_v6[] = "::1";
 
-	/* Open a pipe stream for reading the output of the netstat commmand */
+	/* Open a pipe stream for reading the output of the netstat command */
 	file = popen("/bin/netstat -n -l -p -4 -6 --inet", "r");
 	if (!file)
 	{
diff --git a/src/libimcv/plugins/imc_swid/Makefile.in b/src/libimcv/plugins/imc_swid/Makefile.in
index 13d1924d4..02bc2bfef 100644
--- a/src/libimcv/plugins/imc_swid/Makefile.in
+++ b/src/libimcv/plugins/imc_swid/Makefile.in
@@ -356,6 +356,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -378,6 +379,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imc_test/Makefile.in b/src/libimcv/plugins/imc_test/Makefile.in
index 7a4149e70..93c074853 100644
--- a/src/libimcv/plugins/imc_test/Makefile.in
+++ b/src/libimcv/plugins/imc_test/Makefile.in
@@ -353,6 +353,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -375,6 +376,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imc_test/imc_test_state.h b/src/libimcv/plugins/imc_test/imc_test_state.h
index 5f9ee2537..365caff7c 100644
--- a/src/libimcv/plugins/imc_test/imc_test_state.h
+++ b/src/libimcv/plugins/imc_test/imc_test_state.h
@@ -42,14 +42,14 @@ struct imc_test_state_t {
 	/**
 	 * get the command to send to IMV
 	 *
-	 * @return				commmand to send to IMV
+	 * @return				command to send to IMV
 	 */
 	char* (*get_command)(imc_test_state_t *this);
 
 	/**
 	 * set the command to send to IMV
 	 *
-	 * @param command		commmand to send to IMV
+	 * @param command		command to send to IMV
 	 */
 	void (*set_command)(imc_test_state_t *this, char *command);
 
diff --git a/src/libimcv/plugins/imv_attestation/Makefile.in b/src/libimcv/plugins/imv_attestation/Makefile.in
index 9782757e0..02bd5f510 100644
--- a/src/libimcv/plugins/imv_attestation/Makefile.in
+++ b/src/libimcv/plugins/imv_attestation/Makefile.in
@@ -367,6 +367,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -389,6 +390,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_state.c b/src/libimcv/plugins/imv_attestation/imv_attestation_state.c
index 1c3b91aeb..d63940797 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_state.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_state.c
@@ -418,24 +418,24 @@ METHOD(imv_attestation_state_t, create_component, pts_component_t*,
 	}
 }
 
-/**
- * Enumerate file measurement entries
- */
-static bool entry_filter(void *null, func_comp_t **entry, uint8_t *flags,
-						 void *i2, uint32_t *depth,
-						 void *i3, pts_comp_func_name_t **comp_name)
+CALLBACK(entry_filter, bool,
+	void *null, enumerator_t *orig, va_list args)
 {
-	pts_component_t *comp;
-	pts_comp_func_name_t *name;
-
-	comp = (*entry)->comp;
-	name = (*entry)->name;
+	func_comp_t *entry;
+	pts_comp_func_name_t **comp_name;
+	uint32_t *depth;
+	uint8_t *flags;
 
-	*flags = comp->get_evidence_flags(comp);
-	*depth = comp->get_depth(comp);
-	*comp_name = name;
+	VA_ARGS_VGET(args, flags, depth, comp_name);
 
-	return TRUE;
+	if (orig->enumerate(orig, &entry))
+	{
+		*flags = entry->comp->get_evidence_flags(entry->comp);
+		*depth = entry->comp->get_depth(entry->comp);
+		*comp_name = entry->name;
+		return TRUE;
+	}
+	return FALSE;
 }
 
 METHOD(imv_attestation_state_t, create_component_enumerator, enumerator_t*,
@@ -443,7 +443,7 @@ METHOD(imv_attestation_state_t, create_component_enumerator, enumerator_t*,
 {
 	return enumerator_create_filter(
 				this->components->create_enumerator(this->components),
-				(void*)entry_filter, NULL, NULL);
+				entry_filter, NULL, NULL);
 }
 
 METHOD(imv_attestation_state_t, get_component, pts_component_t*,
diff --git a/src/libimcv/plugins/imv_hcd/Makefile.in b/src/libimcv/plugins/imv_hcd/Makefile.in
index 62bd827f9..b19cb4a41 100644
--- a/src/libimcv/plugins/imv_hcd/Makefile.in
+++ b/src/libimcv/plugins/imv_hcd/Makefile.in
@@ -353,6 +353,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -375,6 +376,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imv_os/Makefile.in b/src/libimcv/plugins/imv_os/Makefile.in
index efefdc87b..f2804f3fc 100644
--- a/src/libimcv/plugins/imv_os/Makefile.in
+++ b/src/libimcv/plugins/imv_os/Makefile.in
@@ -361,6 +361,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -383,6 +384,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imv_scanner/Makefile.in b/src/libimcv/plugins/imv_scanner/Makefile.in
index 535e28f1b..6cc107edb 100644
--- a/src/libimcv/plugins/imv_scanner/Makefile.in
+++ b/src/libimcv/plugins/imv_scanner/Makefile.in
@@ -355,6 +355,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -377,6 +378,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imv_swid/Makefile.in b/src/libimcv/plugins/imv_swid/Makefile.in
index 1150f12f9..3560752ed 100644
--- a/src/libimcv/plugins/imv_swid/Makefile.in
+++ b/src/libimcv/plugins/imv_swid/Makefile.in
@@ -356,6 +356,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -378,6 +379,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imv_swid/imv_swid_rest.c b/src/libimcv/plugins/imv_swid/imv_swid_rest.c
index 143b0b239..0fe96edef 100644
--- a/src/libimcv/plugins/imv_swid/imv_swid_rest.c
+++ b/src/libimcv/plugins/imv_swid/imv_swid_rest.c
@@ -70,27 +70,29 @@ METHOD(imv_swid_rest_t, post, status_t,
 				FETCH_END);
 	free(uri);
 
-	if (status == SUCCESS)
+	if (status != SUCCESS)
 	{
-		return 	SUCCESS;
-	}
-
-	if (code != HTTP_STATUS_CODE_PRECONDITION_FAILED || !response.ptr)
-	{
-		DBG2(DBG_IMV, "REST http request failed with status code: %d", code);
-		return FAILED;
-	}
-
-	if (jresponse)
-	{
-		/* Parse HTTP response into a JSON object */
-		tokener = json_tokener_new();
-		*jresponse = json_tokener_parse_ex(tokener, response.ptr, response.len);
-		json_tokener_free(tokener);
+		if (code != HTTP_STATUS_CODE_PRECONDITION_FAILED || !response.ptr)
+		{
+			DBG2(DBG_IMV, "REST http request failed with status code: %d", code);
+			status = FAILED;
+		}
+		else
+		{
+			if (jresponse)
+			{
+				/* Parse HTTP response into a JSON object */
+				tokener = json_tokener_new();
+				*jresponse = json_tokener_parse_ex(tokener, response.ptr,
+															response.len);
+				json_tokener_free(tokener);
+			}
+			status = NEED_MORE;
+		}
 	}
 	free(response.ptr);
 
-	return NEED_MORE;
+	return status;
 }
 
 METHOD(imv_swid_rest_t, destroy, void,
diff --git a/src/libimcv/plugins/imv_test/Makefile.in b/src/libimcv/plugins/imv_test/Makefile.in
index 055d6fdce..9aebfef67 100644
--- a/src/libimcv/plugins/imv_test/Makefile.in
+++ b/src/libimcv/plugins/imv_test/Makefile.in
@@ -354,6 +354,7 @@ docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
 fips_mode = @fips_mode@
+fuzz_plugins = @fuzz_plugins@
 gtk_CFLAGS = @gtk_CFLAGS@
 gtk_LIBS = @gtk_LIBS@
 host = @host@
@@ -376,6 +377,7 @@ json_CFLAGS = @json_CFLAGS@
 json_LIBS = @json_LIBS@
 libdir = @libdir@
 libexecdir = @libexecdir@
+libfuzzer = @libfuzzer@
 libiptc_CFLAGS = @libiptc_CFLAGS@
 libiptc_LIBS = @libiptc_LIBS@
 linux_headers = @linux_headers@
diff --git a/src/libimcv/plugins/imv_test/imv_test_agent.c b/src/libimcv/plugins/imv_test/imv_test_agent.c
index 5e4b4866a..fc14359d5 100644
--- a/src/libimcv/plugins/imv_test/imv_test_agent.c
+++ b/src/libimcv/plugins/imv_test/imv_test_agent.c
@@ -188,6 +188,8 @@ static TNC_Result receive_msg(private_imv_test_agent_t *this, imv_state_t *state
 	if (retry)
 	{
 		test_state->set_rounds(test_state, rounds);
+		out_msg->destroy(out_msg);
+
 		return this->agent->request_handshake_retry(
 									this->agent->get_id(this->agent),
 									state->get_connection_id(state),
diff --git a/src/libimcv/pts/pts_file_meas.c b/src/libimcv/pts/pts_file_meas.c
index 6cfb86cb3..92f513a2d 100644
--- a/src/libimcv/pts/pts_file_meas.c
+++ b/src/libimcv/pts/pts_file_meas.c
@@ -94,22 +94,29 @@ METHOD(pts_file_meas_t, add, void,
 	this->list->insert_last(this->list, entry);
 }
 
-/**
- * Enumerate file measurement entries
- */
-static bool entry_filter(void *null, entry_t **entry, char **filename,
-						 void *i2, chunk_t *measurement)
+CALLBACK(entry_filter, bool,
+	void *null, enumerator_t *orig, va_list args)
 {
-	*filename = (*entry)->filename;
-	*measurement = (*entry)->measurement;
-	return TRUE;
+	entry_t *entry;
+	chunk_t *measurement;
+	char **filename;
+
+	VA_ARGS_VGET(args, filename, measurement);
+
+	if (orig->enumerate(orig, &entry))
+	{
+		*filename = entry->filename;
+		*measurement = entry->measurement;
+		return TRUE;
+	}
+	return FALSE;
 }
 
 METHOD(pts_file_meas_t, create_enumerator, enumerator_t*,
 	private_pts_file_meas_t *this)
 {
 	return enumerator_create_filter(this->list->create_enumerator(this->list),
-								   (void*)entry_filter, NULL, NULL);
+									entry_filter, NULL, NULL);
 }
 
 METHOD(pts_file_meas_t, check, bool,
diff --git a/src/libimcv/pts/pts_pcr.c b/src/libimcv/pts/pts_pcr.c
index d514532c5..9f098c08e 100644
--- a/src/libimcv/pts/pts_pcr.c
+++ b/src/libimcv/pts/pts_pcr.c
@@ -111,17 +111,12 @@ typedef struct {
 	private_pts_pcr_t *pcrs;
 } pcr_enumerator_t;
 
-/**
- * Implementation of enumerator.enumerate
- */
-static bool pcr_enumerator_enumerate(pcr_enumerator_t *this, ...)
+METHOD(enumerator_t, pcr_enumerator_enumerate, bool,
+	pcr_enumerator_t *this, va_list args)
 {
-	uint32_t *pcr, i, f;
-	va_list args;
+	uint32_t i, f, *pcr;
 
-	va_start(args, this);
-	pcr = va_arg(args, uint32_t*);
-	va_end(args);
+	VA_ARGS_VGET(args, pcr);
 
 	while (this->pcr <= this->pcrs->pcr_max)
 	{
@@ -148,7 +143,8 @@ METHOD(pts_pcr_t, create_enumerator, enumerator_t*,
 
 	INIT(enumerator,
 		.public = {
-			.enumerate = (void*)pcr_enumerator_enumerate,
+			.enumerate = enumerator_enumerate_default,
+			.venumerate = _pcr_enumerator_enumerate,
 			.destroy = (void*)free,
 		},
 		.pcrs = this,
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c
index da21003e3..0d8486756 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_req_func_comp_evid.c
@@ -115,18 +115,24 @@ struct entry_t {
 	pts_comp_func_name_t *name;
 };
 
-/**
- * Enumerate functional component entries
- */
-static bool entry_filter(void *null, entry_t **entry, uint8_t *flags,
-						 void *i2, uint32_t *depth, void *i3,
-						 pts_comp_func_name_t **name)
+CALLBACK(entry_filter, bool,
+	void *null, enumerator_t *orig, va_list args)
 {
-	*flags = (*entry)->flags;
-	*depth = (*entry)->depth;
-	*name  = (*entry)->name;
+	entry_t *entry;
+	pts_comp_func_name_t **name;
+	uint32_t *depth;
+	uint8_t *flags;
 
-	return TRUE;
+	VA_ARGS_VGET(args, flags, depth, name);
+
+	if (orig->enumerate(orig, &entry))
+	{
+		*flags = entry->flags;
+		*depth = entry->depth;
+		*name  = entry->name;
+		return TRUE;
+	}
+	return FALSE;
 }
 
 /**
@@ -318,7 +324,7 @@ METHOD(tcg_pts_attr_req_func_comp_evid_t, create_enumerator, enumerator_t*,
 	private_tcg_pts_attr_req_func_comp_evid_t *this)
 {
 	return enumerator_create_filter(this->list->create_enumerator(this->list),
-								   (void*)entry_filter, NULL, NULL);
+									entry_filter, NULL, NULL);
 }
 
 /**
diff --git a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c
index c249ca151..9438fa062 100644
--- a/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c
+++ b/src/libimcv/tcg/pts/tcg_pts_attr_simple_comp_evid.c
@@ -263,13 +263,15 @@ bool measurement_time_from_utc(time_t *measurement_time, chunk_t utc_time)
 {
 	int tm_year, tm_mon, tm_day, tm_days, tm_hour, tm_min, tm_sec, tm_secs;
 	int tm_leap_4, tm_leap_100, tm_leap_400, tm_leap;
+	char buf[BUF_LEN];
 
 	if (memeq(utc_undefined_time_str, utc_time.ptr, utc_time.len))
 	{
 		*measurement_time = 0;
 		return TRUE;
 	}
-	if (sscanf(utc_time.ptr, "%4d-%2d-%2dT%2d:%2d:%2dZ",
+	snprintf(buf, sizeof(buf), "%.*s", (int)utc_time.len, utc_time.ptr);
+	if (sscanf(buf, "%4d-%2d-%2dT%2d:%2d:%2dZ",
 		&tm_year, &tm_mon, &tm_day, &tm_hour, &tm_min, &tm_sec) != 6)
 	{
 		return FALSE;