This is a little disturbing; nsd is kind of a big deal, and afl on zone files is a pretty basic test to run. Kudos to the author for doing it, but why haven't the authors of nsd done it already, and what else haven't they done?
There is really no good reason for DNS servers to be written in C anymore.
> There is really no good reason for DNS servers to be written in C anymore.
I’m a little behind on docs, but we have a pretty decent start on one in Rust: https://github.com/bluejekyll/trust-dns
We still need an AXFR, IXFR, or replication solution.
Also, I haven’t had time to fuzz the zone parsers, so I can’t guarantee we’re resilient to the above yet, but the packet parsers are getting pretty widely used across multiple Rust projects now through the trust-dns-resolver library.