diff --git a/src/resolve/fuzz-resource-record.c b/src/resolve/fuzz-resource-record.c
new file mode 100644
index 0000000000..15c465933d
--- /dev/null
+++ b/src/resolve/fuzz-resource-record.c
@@ -0,0 +1,35 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "fd-util.h"
+#include "fuzz.h"
+#include "memory-util.h"
+#include "resolved-dns-packet.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+        _cleanup_free_ char *out = NULL; /* out should be freed after f */
+        size_t out_size;
+        _cleanup_fclose_ FILE *f = NULL;
+        _cleanup_(dns_resource_record_unrefp) DnsResourceRecord *rr = NULL, *copy = NULL;
+        _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+
+        if (outside_size_range(size, 0, DNS_PACKET_SIZE_MAX))
+                return 0;
+
+        if (dns_resource_record_new_from_raw(&rr, data, size) < 0)
+                return 0;
+
+        assert_se(copy = dns_resource_record_copy(rr));
+        assert_se(dns_resource_record_equal(copy, rr) > 0);
+
+        assert_se(f = open_memstream_unlocked(&out, &out_size));
+        (void) fprintf(f, "%s", strna(dns_resource_record_to_string(rr)));
+
+        if (dns_resource_record_to_json(rr, &v) < 0)
+                return 0;
+
+        (void) json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, f, NULL);
+        (void) dns_resource_record_to_wire_format(rr, false);
+        (void) dns_resource_record_to_wire_format(rr, true);
+
+        return 0;
+}
diff --git a/src/resolve/meson.build b/src/resolve/meson.build
index e11aefce7a..cd02c88039 100644
--- a/src/resolve/meson.build
+++ b/src/resolve/meson.build
@@ -237,6 +237,11 @@ fuzzers += [
           libshared],
          [lib_openssl_or_gcrypt,
           libm]],
+        [files('fuzz-resource-record.c'),
+         [libsystemd_resolve_core,
+          libshared],
+         [lib_openssl_or_gcrypt,
+          libm]],
 ]
 
 systemd_resolved_sources += files('resolved.c')
diff --git a/src/resolve/resolved-dns-rr.c b/src/resolve/resolved-dns-rr.c
index d47cdbbd8e..f4fa219ab7 100644
--- a/src/resolve/resolved-dns-rr.c
+++ b/src/resolve/resolved-dns-rr.c
@@ -1137,12 +1137,15 @@ const char *dns_resource_record_to_string(DnsResourceRecord *rr) {
                 break;
 
         default:
-                t = hexmem(rr->generic.data, rr->generic.data_size);
-                if (!t)
-                        return NULL;
-
                 /* Format as documented in RFC 3597, Section 5 */
-                r = asprintf(&s, "%s \\# %zu %s", k, rr->generic.data_size, t);
+                if (rr->generic.data_size == 0)
+                        r = asprintf(&s, "%s \\# 0", k);
+                else {
+                        t = hexmem(rr->generic.data, rr->generic.data_size);
+                        if (!t)
+                                return NULL;
+                        r = asprintf(&s, "%s \\# %zu %s", k, rr->generic.data_size, t);
+                }
                 if (r < 0)
                         return NULL;
                 break;
diff --git a/test/fuzz/fuzz-resource-record/crash-type-bitmap-to-json b/test/fuzz/fuzz-resource-record/crash-type-bitmap-to-json
new file mode 100644
index 0000000000..a7d5b430dd
Binary files /dev/null and b/test/fuzz/fuzz-resource-record/crash-type-bitmap-to-json differ
diff --git a/test/fuzz/fuzz-resource-record/ub-zero-length-rdata b/test/fuzz/fuzz-resource-record/ub-zero-length-rdata
new file mode 100644
index 0000000000..b5301ee20c
Binary files /dev/null and b/test/fuzz/fuzz-resource-record/ub-zero-length-rdata differ