Created attachment 219761 [details]
Clang address sanitizer report
If get_tm_used encounters a directory with a name ending in
"sparsebunlde", and the logged-in user does not have execute permission
on that directory, we destroy the infoplist bstring we created, and
move on to the next entry. Unfortunately, we do not set infoplist to
NULL, and trying to bdestroy infoplist at cleanup time causes an
attempted read of bstring->slen in a region that was freed.
Found with Clang's address sanitizer.
Created attachment 219762 [details]
A commit references this bug:
Date: Sun Nov 22 22:08:39 UTC 2020
New revision: 556076
Fix two memory corruption crashes.
* Use-after-free in afpd's Time Machine Code 
* Memory overrun in extended attributes 
PR: 251203 
Submitted by: Jose Quinteiro <firstname.lastname@example.org>
Thanks so much for these fixes, Jose! Committed!