See bug 1036982 for the source of the problem Description of problem: mount_afp crashes. Version-Release number of selected component (if applicable): 0.8.1-17.fc21 How reproducible: All the time Steps to Reproduce: 1. $ mount_afp afp://foo/Music Music Actual results: zsh: segmentation fault (core dumped) mount_afp afp://foo/Music Music Expected results: no crash Additional info: http://pkgs.fedoraproject.org/cgit/afpfs-ng.git/tree/afpfs-ng-0.8.1-formatsec.patch#n111 replace snprintf by strncat without checking the paramaters are in order. solution snprintf(..., ...., "%s", ...) instead of strncat(). Had you tested it you'd know.
strncpy() would work too. And if you really want to be secure, the size parameter is supposed to be the size of the destination, not the size from the source.
Also it should be noted that you ignored the compiler warnings too: gcc -DHAVE_CONFIG_H -I. -I.. -D_FILE_OFFSET_BITS=64 -I../include -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -c status.c -fPIC -DPIC -o .libs/libafpclient_la-status.o afp_url.c: In function 'afp_parse_url': afp_url.c:236:2: warning: passing argument 2 of 'strncat' makes pointer from integer without a cast strncat(url->servername,strlen(p)+1,p); from https://kojipkgs.fedoraproject.org//packages/afpfs-ng/0.8.1/17.fc21/data/logs/x86_64/build.log
Created attachment 960937 [details] afpfs-ng-0.8.1-formatsec.patch Here the fixed version of the patch (not of a diff of the patch but just afpfs-ng-0.8.1-formatsec.patch as found in SOURCES). It fixes what the other patch broke. There is plenty of other things upstream that should be fixed too. Please apply this urgently.
afpfs-ng-0.8.1-18.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/afpfs-ng-0.8.1-18.fc21
afpfs-ng-0.8.1-13.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/afpfs-ng-0.8.1-13.fc20
Thank you kindly.
Package afpfs-ng-0.8.1-13.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing afpfs-ng-0.8.1-13.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-15823/afpfs-ng-0.8.1-13.fc20 then log in and leave karma (feedback).
afpfs-ng-0.8.1-18.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
afpfs-ng-0.8.1-13.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.