sha1_file: avoid overrunning alternate object base string

While checking if a new alternate object database is a duplicate make
sure that old and new base paths have the same length before comparing
them with memcmp.  This avoids overrunning the buffer of the existing
entry if the new one is longer and it stops rejecting foobar/ after
foo/ was already added.

Signed-off-by: Rene Scharfe <ls.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/sha1_file.c b/sha1_file.c
index 06c809aeeb3a608c09247b4f2146eb246938d6bf..dae6433c066e072ecf135c0a08e735cc0e2dfbe3 100644 (file)
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -303,7 +303,8 @@ static int link_alt_odb_entry(const char *entry, const char *relative_base, int
         * thing twice, or object directory itself.
         */
        for (alt = alt_odb_list; alt; alt = alt->next) {
-               if (!memcmp(ent->base, alt->base, pfxlen)) {
+               if (pfxlen == alt->name - alt->base - 1 &&
+                   !memcmp(ent->base, alt->base, pfxlen)) {
                        free(ent);
                        return -1;
                }