importprivkey doesn't check that it is given a private key #1084

pull dooglus wants to merge 1 commits into bitcoin:master from dooglus:validate_secret changing 2 files +17 −5
  1. dooglus commented at 8:20 PM on April 12, 2012: contributor

    I just accidentally ran:

    bitcoind importprivkey 1HV9Lc3sNHZxwj4Zk6fB38tEmBryq2cBiF

    passing an address instead of a private key, and it didn't complain.

    I ended up with a new key in my wallet with a potentially publicly known private key.

    This pull request adds a call of IsValid() to CBitcoinSecret's SetString() function to ensure that the private key at least has the correct version.

    I also added unit tests that make sure CBitcoinSecret::SetString() fails when passed a Bitcoin address, and succeeds when passed compressed or regular private keys.

  2. CBitcoinSecret::SetString() now calls IsValid() to make sure it was passed something with the correct version. b3a6e613fc
  3. sipa commented at 10:59 PM on April 12, 2012: member

    ACK

  4. laanwj commented at 6:32 AM on April 13, 2012: member

    Makes sense. ACK.

  5. jgarzik referenced this in commit fced2231f8 on Apr 15, 2012
  6. jgarzik merged this on Apr 15, 2012
  7. jgarzik closed this on Apr 15, 2012
  8. coblee referenced this in commit c51b63926b on Jul 17, 2012
  9. suprnurd referenced this in commit 609aa7de2a on Dec 5, 2017
  10. dagurval referenced this in commit 913042f076 on May 27, 2018
  11. lateminer referenced this in commit 7b3455acaa on Nov 14, 2019
  12. dexX7 referenced this in commit 850c5882af on Mar 4, 2020
  13. DrahtBot locked this on Sep 8, 2021
Contributors
dooglussipalaanwj
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-16 00:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me