Re: [Pkg-netatalk-devel] Bug#1036740: Bug#1036740: Fix for CVE-2022-23123 causes afpd segfault with valid metadata

[Daniel Markstedt <markstedt@gmail.com>]

On Fri, May 26, 2023 at 1:15 PM Markus Koschany <apo@debian.org> wrote:
>
> Could you tell me which exact commands were used, so that I can try to
> reproduce the problem?
>

Do by any chance have access to a Mac of any vintage?
It could be a brand new machine running the latest macOS or a classic
Mac from the 90s running at least System Software 7.1

The problem occurs when the AFP client attempts to create the Mac file
system metadata (aka resource forks on Classic Mac OS, or extended
attributes on OSX.)

Netatalk should be configured something like this:

dmark@buster:~$ cat /etc/netatalk/afp.conf
[Global]
zeroconf name = Buster
uam list = uams_clrtxt.so uams_dhx2.so

[Homes]
basedir regex = /home
appledouble = v2

After authenticating with the netatalk server on the Mac, attempt to
copy any file to the shared volume.
You should get an instant error -50 in Mac OS, and see the
aforementioned errors in the logs.