From c7f933259623c87a9a3d116cc9bcfd75deb497da Mon Sep 17 00:00:00 2001
From: "Wladimir J. van der Laan" <laanwj@gmail.com>
Date: Tue, 28 Jan 2014 09:38:10 +0100
Subject: [PATCH] Add check for valid keys in `importprivkey`

The base58 armoring was checked, but not the resulting private key,
which could be out of range. Fix this by adding a check.
---
 src/rpcdump.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/rpcdump.cpp b/src/rpcdump.cpp
index 726f23011..f66dbc0eb 100644
--- a/src/rpcdump.cpp
+++ b/src/rpcdump.cpp
@@ -101,9 +101,11 @@ Value importprivkey(const Array& params, bool fHelp)
     CBitcoinSecret vchSecret;
     bool fGood = vchSecret.SetString(strSecret);
 
-    if (!fGood) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key");
+    if (!fGood) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Invalid private key encoding");
 
     CKey key = vchSecret.GetKey();
+    if (!key.IsValid()) throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Private key outside allowed range");
+
     CPubKey pubkey = key.GetPubKey();
     CKeyID vchAddress = pubkey.GetID();
     {