signrawtransaction crashes bitcoind when given the zero private key #5454

issue dooglus opened this issue on December 9, 2014
  1. dooglus commented at 5:40 PM on December 9, 2014: contributor 
    bitcoind signrawtransaction $(bitcoind createrawtransaction '[{"txid":"deadbeef","vout":1}]' '{}') '[]' '["5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAbuatmU"]'
error: no response from server

    A fix appears to be to insert:

            if (!key.IsValid()) {
            throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
        }

    before:

            tempKeystore.AddKey(key);

    in src/rpcrawtransaction.cpp

    But maybe the

            bool fGood = vchSecret.SetString(k.get_str());

    a few lines above shouldn't have fGood be true for the zero private key?

  2. paveljanik commented at 8:32 PM on December 9, 2014: contributor

    I can reproduce in the current master.

    Assertion failed: (fValid), function GetPubKey, file key.cpp, line 65.

    The check for a private key in the valid range is missing (like in importprivkey):

    if (!key.IsValid()) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Private key outside allowed range");
  3. paveljanik commented at 9:27 PM on December 13, 2014: contributor

    The fix is now merged to the master. Closing. Thank you for the report!

  4. Diapolo commented at 9:00 AM on December 17, 2014: none

    @dooglus Ping, you can close this now :).

  5. laanwj closed this on Dec 17, 2014
  6. MarcoFalke locked this on Sep 8, 2021
Contributors
doogluspaveljanikDiapolo
Linked (view graph)
#5461 signrawtransaction: validate private key.
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me