From 80b47854ca84abec991f6fff42dbeb6626588b87 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Ren=C3=A9=20Scharfe?= <l.s.r@web.de>
Date: Tue, 1 Jul 2014 20:00:01 +0200
Subject: [PATCH] sha1_file: avoid overrunning alternate object base string

While checking if a new alternate object database is a duplicate make
sure that old and new base paths have the same length before comparing
them with memcmp.  This avoids overrunning the buffer of the existing
entry if the new one is longer and it stops rejecting foobar/ after
foo/ was already added.

Signed-off-by: Rene Scharfe <ls.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 sha1_file.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sha1_file.c b/sha1_file.c
index 06c809aeeb..dae6433c06 100644
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -303,7 +303,8 @@ static int link_alt_odb_entry(const char *entry, const char *relative_base, int
 	 * thing twice, or object directory itself.
 	 */
 	for (alt = alt_odb_list; alt; alt = alt->next) {
-		if (!memcmp(ent->base, alt->base, pfxlen)) {
+		if (pfxlen == alt->name - alt->base - 1 &&
+		    !memcmp(ent->base, alt->base, pfxlen)) {
 			free(ent);
 			return -1;
 		}
-- 
2.11.4.GIT