From 4aa059f9fa548b8e960efbf279403416a8ba57d9 Mon Sep 17 00:00:00 2001
From: John Carr <jfc@mit.edu>
Date: Sun, 23 Feb 1992 12:15:07 +0000
Subject: [PATCH] Compare key lengths before comparing key data

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2224 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/kdb/verify_mky.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/kdb/verify_mky.c b/src/lib/kdb/verify_mky.c
index 6f62fd18b..3b1278b7f 100644
--- a/src/lib/kdb/verify_mky.c
+++ b/src/lib/kdb/verify_mky.c
@@ -76,8 +76,8 @@ krb5_encrypt_block *eblock;
 	krb5_db_free_principal(&master_entry, nprinc);
 	return retval;
     }
-    if (memcmp((char *)mkey->contents, (char *)tempkey.contents,
-	       mkey->length)) {
+    if (mkey->length != tempkey.length ||
+	memcmp((char *)mkey->contents, (char *)tempkey.contents,mkey->length)) {
 	retval = KRB5_KDB_BADMASTERKEY;
 	(void) krb5_finish_key(eblock);
     } else
-- 
2.26.2