diff --git a/tests/fuzzing/json/Makefile b/tests/fuzzing/json/Makefile
new file mode 100644
index 000000000..ffa0c5a99
--- /dev/null
+++ b/tests/fuzzing/json/Makefile
@@ -0,0 +1,19 @@
+all: json
+include ../rules.include
+
+OBJS += $(SRC)/utils/base64.o
+OBJS += $(SRC)/utils/common.o
+OBJS += $(SRC)/utils/json.o
+OBJS += $(SRC)/utils/os_unix.o
+OBJS += $(SRC)/utils/wpa_debug.o
+OBJS += $(SRC)/utils/wpabuf.o
+
+json: json.o $(OBJS) $(LIBS)
+	$(LDO) $(LDFLAGS) -o $@ $^ $(LIBS) $(ELIBS)
+
+clean:
+	$(MAKE) -C $(SRC) clean
+	$(MAKE) -C $(WPAS_SRC) clean
+	rm -f json *~ *.o *.d ../*~ ../*.o ../*.d
+
+-include $(OBJS:%.o=%.d)
diff --git a/tests/fuzzing/json/corpus/1.json b/tests/fuzzing/json/corpus/1.json
new file mode 100644
index 000000000..16c8b963c
--- /dev/null
+++ b/tests/fuzzing/json/corpus/1.json
@@ -0,0 +1 @@
+{"a":[[]],"b":1,"c":"q","d":{"e":[{}]}}
diff --git a/tests/fuzzing/json/corpus/2.json b/tests/fuzzing/json/corpus/2.json
new file mode 100644
index 000000000..0967ef424
--- /dev/null
+++ b/tests/fuzzing/json/corpus/2.json
@@ -0,0 +1 @@
+{}
diff --git a/tests/fuzzing/json/corpus/3.json b/tests/fuzzing/json/corpus/3.json
new file mode 100644
index 000000000..573541ac9
--- /dev/null
+++ b/tests/fuzzing/json/corpus/3.json
@@ -0,0 +1 @@
+0
diff --git a/tests/fuzzing/json/json.c b/tests/fuzzing/json/json.c
new file mode 100644
index 000000000..af6c5e74c
--- /dev/null
+++ b/tests/fuzzing/json/json.c
@@ -0,0 +1,38 @@
+/*
+ * JSON parser - test program
+ * Copyright (c) 2019, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "utils/includes.h"
+#include "utils/common.h"
+#include "utils/json.h"
+#include "../fuzzer-common.h"
+
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+	struct json_token *root;
+	char *txt;
+	size_t buflen = 10000;
+
+	wpa_fuzzer_set_debug_level();
+
+	root = json_parse((const char *) data, size);
+	if (!root) {
+		wpa_printf(MSG_DEBUG, "JSON parsing failed");
+		return 0;
+	}
+
+	txt = os_zalloc(buflen);
+	if (txt) {
+		json_print_tree(root, txt, buflen);
+		wpa_printf(MSG_DEBUG, "%s", txt);
+		os_free(txt);
+	}
+	json_free(root);
+
+	return 0;
+}