Apple's APFS file system included in macOS High Sierra suffers from a disk image vulnerability that in certain circumstances can lead to data loss, according to the creator of Carbon Copy Cloner.

In a blog post last Thursday, software developer Mike Bombich explained that he had uncovered the data writing flaw in the Apple File System, or APFS, through his regular work with "sparse" disk images.



For those who aren't familiar with the term, a sparse disk image is basically a file that macOS mounts on the desktop and treats as if it was a physically attached drive with a classic disk volume structure. The flexibility of sparse disk images means they are commonly used in the course of performing backup and disk cloning operations, hence Bombich's extensive experience with them.



Earlier this week I noticed that an APFS-formatted sparsebundle disk image volume showed ample free space, despite that the underlying disk was completely full. Curious, I copied a video file to the disk image volume to see what would happen. The whole file copied without error! I opened the file, verified that the video played back start to finish, checksummed the file – as far as I could tell, the file was intact and whole on the disk image. When I unmounted and remounted the disk image, however, the video was corrupted. If you've ever lost data, you know the kick-in-the-gut feeling that would have ensued. Thankfully, I was just running some tests and the file that disappeared was just test data.

Two related problems are identified by Bombich, above. The first is that the free space on the APFS-formatted sparse disk image doesn't update as it should when the free space on the underlying physical host disk is reduced. The second problem is the lack of error reports when write requests fail to dynamically grow the disk image, resulting in data being "written" into a void. Bombich tracks both bugs back to macOS's background "diskimages-helper" application service, which he has since reported to Apple.

Bombich's video demonstrating the APFS bug

Every installation of High Sierra on Macs with all-flash storage converts the existing file system to APFS, which is optimized for modern storage systems like solid-state drives. However, as Bombich notes, ordinary APFS volumes like SSD startup disks are not affected by the problem described above, so the vast majority of users won't be affected by it – the flaw is most applicable when making backups to network volumes. Bombich says Carbon Copy Cloner will not support AFPS-formatted sparse disk images until Apple resolves the issue.

The APFS flaw follows the discovery of another bug in Apple's operating systems that received extensive coverage last week. That bug is induced by sending a specific character in the Indian language Telugu, which causes certain apps on iPhones, iPads, and Macs to freeze up and become unresponsive. The Telugu character bug has already been fixed in Apple's upcoming iOS 11.3 and macOS 10.13.4 software updates.