For the first 13 iterations of the loop we read behind the start of the array. Instead of just adding a range check, rewrite the code to split the loop in two so it's easier to follow. Reported by Timo Myyrä ok stsp@

The first `nmeta - max_base_candidates` were not freed in `got_pack_create`. Patch by Kyle Ackerman ok op@

Some parts of the code rely on staged_blob_id being NULL in certain cases. Restore this behaviour while keeping the segfault bug fixed.

reported by Johannes Thyssen Tishman

We didn't always call imsg_free(); while here also fix the `default` branch so it actually errors on unexpected messages. Diff from Kyle Ackerman with tweaks from tb@

If a repository contains a tag that tags another tag we could fail with a "bad object data" error while creating pack files because the packed-object-enumeration code assumed that only commits get tagged, trying to parse the tagged tag object as if it were a commit. This issue affected 'got send' and 'gotadmin pack'. There is probably more work to do here because other weird cases are known to exist in the wild, such as git.git's refs/tags/junio-gpg-pub which tags a blob. Problem with 'got send' reported by jrick@

If an unexpected object type is found while resolving a reference in the ref view, have tog exit with an "unknown object type" error instead of crashing. Found while playing with a repo which contains tags that tag tags.

Some callers were manually converting from ENOENT to NO_OBJ. Checking errno becomes increasingly unreliable the further up the call-chain we return to. Let's return NO_OBJ directly at the spot where the original error condition is detected.

this is to help -portable. Some systems don't define HOST_NAME_MAX at all, and assume instead that code will use sysctl(_SC_HOST_NAME_MAX) with a VLA or a dynamic allocation, which is completely backward and useless. So, use the _POSIX hammer on this one too. it's dirty, but it's better to strive to avoid gratious -portable changes. reported and discussed with Thomas Adam.