#include "builtin.h"
 #include "cache.h"
+#include "config.h"
 #include "object.h"
 #include "delta.h"
 #include "pack.h"
 static unsigned char buffer[4096];
 static unsigned int offset, len;
 static off_t consumed_bytes;
+static off_t max_input_size;
 static git_SHA_CTX ctx;
 static struct fsck_options fsck_options = FSCK_OPTIONS_STRICT;
 
        if (signed_add_overflows(consumed_bytes, bytes))
                die("pack too large for current definition of off_t");
        consumed_bytes += bytes;
+       if (max_input_size && consumed_bytes > max_input_size)
+               die(_("pack exceeds maximum allowed size"));
 }
 
 static void *get_data(unsigned long size)
                        break;
                if (ret != Z_OK) {
                        error("inflate returned %d", ret);
-                       free(buf);
-                       buf = NULL;
+                       FREE_AND_NULL(buf);
                        if (!recover)
                                exit(1);
                        has_errors = 1;
 }
 
 struct delta_info {
-       unsigned char base_sha1[20];
+       struct object_id base_oid;
        unsigned nr;
        off_t base_offset;
        unsigned long size;
 
 static struct delta_info *delta_list;
 
-static void add_delta_to_list(unsigned nr, unsigned const char *base_sha1,
+static void add_delta_to_list(unsigned nr, const struct object_id *base_oid,
                              off_t base_offset,
                              void *delta, unsigned long size)
 {
        struct delta_info *info = xmalloc(sizeof(*info));
 
-       hashcpy(info->base_sha1, base_sha1);
+       oidcpy(&info->base_oid, base_oid);
        info->base_offset = base_offset;
        info->size = size;
        info->delta = delta;
 
 struct obj_info {
        off_t offset;
-       unsigned char sha1[20];
+       struct object_id oid;
        struct object *obj;
 };
 
  */
 static void write_cached_object(struct object *obj, struct obj_buffer *obj_buf)
 {
-       unsigned char sha1[20];
+       struct object_id oid;
 
-       if (write_sha1_file(obj_buf->buffer, obj_buf->size, typename(obj->type), sha1) < 0)
+       if (write_sha1_file(obj_buf->buffer, obj_buf->size, typename(obj->type), oid.hash) < 0)
                die("failed to write object %s", oid_to_hex(&obj->oid));
        obj->flags |= FLAG_WRITTEN;
 }
                         void *buf, unsigned long size)
 {
        if (!strict) {
-               if (write_sha1_file(buf, size, typename(type), obj_list[nr].sha1) < 0)
+               if (write_sha1_file(buf, size, typename(type), obj_list[nr].oid.hash) < 0)
                        die("failed to write object");
                added_object(nr, type, buf, size);
                free(buf);
                obj_list[nr].obj = NULL;
        } else if (type == OBJ_BLOB) {
                struct blob *blob;
-               if (write_sha1_file(buf, size, typename(type), obj_list[nr].sha1) < 0)
+               if (write_sha1_file(buf, size, typename(type), obj_list[nr].oid.hash) < 0)
                        die("failed to write object");
                added_object(nr, type, buf, size);
                free(buf);
 
-               blob = lookup_blob(obj_list[nr].sha1);
+               blob = lookup_blob(&obj_list[nr].oid);
                if (blob)
                        blob->object.flags |= FLAG_WRITTEN;
                else
        } else {
                struct object *obj;
                int eaten;
-               hash_sha1_file(buf, size, typename(type), obj_list[nr].sha1);
+               hash_sha1_file(buf, size, typename(type), obj_list[nr].oid.hash);
                added_object(nr, type, buf, size);
-               obj = parse_object_buffer(obj_list[nr].sha1, type, size, buf, &eaten);
+               obj = parse_object_buffer(&obj_list[nr].oid, type, size, buf,
+                                         &eaten);
                if (!obj)
                        die("invalid %s", typename(type));
                add_object_buffer(obj, buf, size);
        struct delta_info *info;
 
        while ((info = *p) != NULL) {
-               if (!hashcmp(info->base_sha1, obj_list[nr].sha1) ||
+               if (!oidcmp(&info->base_oid, &obj_list[nr].oid) ||
                    info->base_offset == obj_list[nr].offset) {
                        *p = info->next;
                        p = &delta_list;
                free(buf);
 }
 
-static int resolve_against_held(unsigned nr, const unsigned char *base,
+static int resolve_against_held(unsigned nr, const struct object_id *base,
                                void *delta_data, unsigned long delta_size)
 {
        struct object *obj;
        struct obj_buffer *obj_buffer;
-       obj = lookup_object(base);
+       obj = lookup_object(base->hash);
        if (!obj)
                return 0;
        obj_buffer = lookup_object_buffer(obj);
 {
        void *delta_data, *base;
        unsigned long base_size;
-       unsigned char base_sha1[20];
+       struct object_id base_oid;
 
        if (type == OBJ_REF_DELTA) {
-               hashcpy(base_sha1, fill(20));
-               use(20);
+               hashcpy(base_oid.hash, fill(GIT_SHA1_RAWSZ));
+               use(GIT_SHA1_RAWSZ);
                delta_data = get_data(delta_size);
                if (dry_run || !delta_data) {
                        free(delta_data);
                        return;
                }
-               if (has_sha1_file(base_sha1))
+               if (has_object_file(&base_oid))
                        ; /* Ok we have this one */
-               else if (resolve_against_held(nr, base_sha1,
+               else if (resolve_against_held(nr, &base_oid,
                                              delta_data, delta_size))
                        return; /* we are done */
                else {
                        /* cannot resolve yet --- queue it */
-                       hashcpy(obj_list[nr].sha1, null_sha1);
-                       add_delta_to_list(nr, base_sha1, 0, delta_data, delta_size);
+                       oidclr(&obj_list[nr].oid);
+                       add_delta_to_list(nr, &base_oid, 0, delta_data, delta_size);
                        return;
                }
        } else {
                        } else if (base_offset > obj_list[mid].offset) {
                                lo = mid + 1;
                        } else {
-                               hashcpy(base_sha1, obj_list[mid].sha1);
-                               base_found = !is_null_sha1(base_sha1);
+                               oidcpy(&base_oid, &obj_list[mid].oid);
+                               base_found = !is_null_oid(&base_oid);
                                break;
                        }
                }
                         * The delta base object is itself a delta that
                         * has not been resolved yet.
                         */
-                       hashcpy(obj_list[nr].sha1, null_sha1);
-                       add_delta_to_list(nr, null_sha1, base_offset, delta_data, delta_size);
+                       oidclr(&obj_list[nr].oid);
+                       add_delta_to_list(nr, &null_oid, base_offset, delta_data, delta_size);
                        return;
                }
        }
 
-       if (resolve_against_held(nr, base_sha1, delta_data, delta_size))
+       if (resolve_against_held(nr, &base_oid, delta_data, delta_size))
                return;
 
-       base = read_sha1_file(base_sha1, &type, &base_size);
+       base = read_sha1_file(base_oid.hash, &type, &base_size);
        if (!base) {
                error("failed to read delta-pack base object %s",
-                     sha1_to_hex(base_sha1));
+                     oid_to_hex(&base_oid));
                if (!recover)
                        exit(1);
                has_errors = 1;
 int cmd_unpack_objects(int argc, const char **argv, const char *prefix)
 {
        int i;
-       unsigned char sha1[20];
+       struct object_id oid;
 
        check_replace_refs = 0;
 
                                len = sizeof(*hdr);
                                continue;
                        }
+                       if (skip_prefix(arg, "--max-input-size=", &arg)) {
+                               max_input_size = strtoumax(arg, NULL, 10);
+                               continue;
+                       }
                        usage(unpack_usage);
                }
 
        git_SHA1_Init(&ctx);
        unpack_all();
        git_SHA1_Update(&ctx, buffer, offset);
-       git_SHA1_Final(sha1, &ctx);
+       git_SHA1_Final(oid.hash, &ctx);
        if (strict)
                write_rest();
-       if (hashcmp(fill(20), sha1))
+       if (hashcmp(fill(GIT_SHA1_RAWSZ), oid.hash))
                die("final sha1 did not match");
-       use(20);
+       use(GIT_SHA1_RAWSZ);
 
        /* Write the last part of the buffer to stdout */
        while (len) {