From c7f933259623c87a9a3d116cc9bcfd75deb497da Mon Sep 17 00:00:00 2001 From: "Wladimir J. van der Laan" Date: Tue, 28 Jan 2014 09:38:10 +0100 Subject: [PATCH] Add check for valid keys in `importprivkey` The base58 armoring was checked, but not the resulting private key, which could be out of range. Fix this by adding a check. --- src/rpcdump.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/rpcdump.cpp b/src/rpcdump.cpp index 726f23011b..f66dbc0eb0 100644 --- a/src/rpcdump.cpp +++ b/src/rpcdump.cpp @@ -101,9 +101,11 @@ Value importprivkey(const Array& params, bool fHelp) CBitcoinSecret vchSecret; bool fGood = vchSecret.SetString(strSecret); - if (!fGood) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key"); + if (!fGood) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key encoding"); CKey key = vchSecret.GetKey(); + if (!key.IsValid()) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Private key outside allowed range"); + CPubKey pubkey = key.GetPubKey(); CKeyID vchAddress = pubkey.GetID(); {