The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]

Apple’s APFS proprietary file system is suffering from a disk image vulnerability that could lead to data loss, according to an Apple software developer.

APFS, which simply stands for Apple File System, aims to fix core problems on MacOS, iOS, tvOS and WatchOS. However, Carbon Copy Cloner creator, software developer Mike Bombich, revealed in a blog post that he has uncovered a data writing flaw in the system through his regular work with “sparse” disk images.

A sparse disk image is a type of disk image file used on MacOS that grows in size as the user adds data to the image, taking up only as much disk space as stored in it. MacOS mounts it on the desktop and treats as if it was a physically attached drive with a classic disk volume structure. These sparse disk images are often used in backup and disk cloning operations.

However, Bombich has found two problems related to the found bug. The first is that the free space on the APFS-formatted sparse disk image doesn’t update when the free space on the underlying physical host disk is reduced. The second is related to the lack of error reports when write requests fail, whichb results in data being written into a “void”.

“I noticed that an APFS-formatted sparsebundle disk image volume showed ample free space, despite that the underlying disk was completely full,” he explained in the post.

“Curious, I copied a video file to the disk image volume to see what would happen. The whole file copied without error! I opened the file, verified that the video played back start to finish, checksummed the file – as far as I could tell, the file was intact and whole on the disk image.”

When Bombich unmounted and remounted the disk image, however, he found that the video was corrupted.

“If you’ve ever lost data, you know the kick-in-the-gut feeling that would have ensued,” he added. “Thankfully, I was just running some tests and the file that disappeared was just test data.”

Bombich has reported the bug to Apple, which will need to issue operating system updates to eradicate it. In the meantime, Bombich has put development of his company’s ADFS products on hold.

Source: Computing