From 73f7eac903576be8c8c08b2069c7a400be047ec7 Mon Sep 17 00:00:00 2001
From: Marius van der Wijden <m.vanderwijden@live.de>
Date: Mon, 13 Sep 2021 21:11:26 +0200
Subject: [PATCH] btcec: check if recovered pk is at point of infinity

---
 btcec/signature.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/btcec/signature.go b/btcec/signature.go
index cdd7cedf..8a8f8301 100644
--- a/btcec/signature.go
+++ b/btcec/signature.go
@@ -353,6 +353,10 @@ func recoverKeyFromSignature(curve *KoblitzCurve, sig *Signature, msg []byte,
 	// step to prevent the jacobian conversion back and forth.
 	Qx, Qy := curve.Add(sRx, sRy, minuseGx, minuseGy)
 
+	if Qx.Sign() == 0 && Qy.Sign() == 0 {
+		return nil, errors.New("point (Qx, Qy) equals the point at infinity")
+	}
+
 	return &PublicKey{
 		Curve: curve,
 		X:     Qx,