From da1fcc6dbd71fd14de90e77ce77895f26383c10f Mon Sep 17 00:00:00 2001
From: Dave Collins <davec@conformal.com>
Date: Fri, 21 Feb 2014 02:11:11 -0600
Subject: [PATCH] Tighten the check for pay-to-pubkey scripts.

This commit tightens the check for a pay-to-pubkey script by ensuring the
length of the pubkey is one of the two valid values of 33 or 65.  This
mirrors the checks in the multisig script type check as well.

ok @owainga
---
 script.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/script.go b/script.go
index da897bb9..2177df94 100644
--- a/script.go
+++ b/script.go
@@ -204,9 +204,9 @@ func isSmallInt(op *opcode) bool {
 // isPubkey returns true if the script passed is a pubkey transaction, false
 // otherwise.
 func isPubkey(pops []parsedOpcode) bool {
+	// valid pubkeys are either 33 or 65 bytes
 	return len(pops) == 2 &&
-		pops[0].opcode.value > OP_FALSE &&
-		pops[0].opcode.value <= OP_DATA_75 &&
+		(len(pops[0].data) == 33 || len(pops[0].data) == 65) &&
 		pops[1].opcode.value == OP_CHECKSIG
 }