Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

DNS parser, meet Go fuzzer

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Filippo Valsorda
Word Count
2,034
Company Posts That Month
12
Language
English
Hacker News Points
165
Post removed?
No
Summary

CloudFlare has been using the github.com/miekg/dns Go DNS library heavily and contributing to its development as much as possible. When Dmitry Vyukov published go-fuzz, a tool that applies fuzzing technique to Go programs, they decided to use it on their DNS library. Fuzzing is the process of testing software by continuously feeding it inputs that are automatically mutated. The go-fuzz tool uses source coverage to judge which mutations pushed the program into new paths and eventually hit many rarely-tested branches. By using go-fuzz, CloudFlare was able to find and fix several bugs in their DNS library, including a potential Denial of Service vulnerability related to handling empty names. They also used go-fuzz for other applications such as checking output validation by adding crashing assertions to the Fuzz() function and comparing the behavior of two different versions or implementations of the same functionality. The use of go-fuzz allowed CloudFlare to improve the robustness and security of their DNS library, which serves 43 billion queries per day. They are currently hiring in London, San Francisco, and Singapore for positions related to this work.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.