From: René Scharfe <l.s.r@web.de>
Date: Tue, 1 Jul 2014 18:00:01 +0000 (+0200)
Subject: sha1_file: avoid overrunning alternate object base string
X-Git-Tag: v2.0.2~3^2
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/80b47854ca84abec991f6fff42dbeb6626588b87?ds=inline;hp=--cc

sha1_file: avoid overrunning alternate object base string

While checking if a new alternate object database is a duplicate make
sure that old and new base paths have the same length before comparing
them with memcmp.  This avoids overrunning the buffer of the existing
entry if the new one is longer and it stops rejecting foobar/ after
foo/ was already added.

Signed-off-by: Rene Scharfe <ls.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

80b47854ca84abec991f6fff42dbeb6626588b87
diff --git a/sha1_file.c b/sha1_file.c
index 06c809aeeb..dae6433c06 100644
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -303,7 +303,8 @@ static int link_alt_odb_entry(const char *entry, const char *relative_base, int
 	 * thing twice, or object directory itself.
 	 */
 	for (alt = alt_odb_list; alt; alt = alt->next) {
-		if (!memcmp(ent->base, alt->base, pfxlen)) {
+		if (pfxlen == alt->name - alt->base - 1 &&
+		    !memcmp(ent->base, alt->base, pfxlen)) {
 			free(ent);
 			return -1;
 		}