From 20495b27e851439e4ea7e7036234de3717f5d5c0 Mon Sep 17 00:00:00 2001
From: Jaquee <jaquee.monero@gmail.com>
Date: Fri, 11 Aug 2017 11:16:30 +0200
Subject: [PATCH 1/2] simplewallet: fix possible privacy leak in
 import_key_images()

---
 src/simplewallet/simplewallet.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp
index 596c298d..102a3cf3 100644
--- a/src/simplewallet/simplewallet.cpp
+++ b/src/simplewallet/simplewallet.cpp
@@ -4509,6 +4509,12 @@ bool simple_wallet::export_key_images(const std::vector<std::string> &args)
 //----------------------------------------------------------------------------------------------------
 bool simple_wallet::import_key_images(const std::vector<std::string> &args)
 {
+  if (!m_trusted_daemon)
+  {
+    fail_msg_writer() << tr("this command requires a trusted daemon. Enable with --trusted-daemon");
+    return true;
+  }
+
   if (args.size() != 1)
   {
     fail_msg_writer() << tr("usage: import_key_images <filename>");

From 359517c7f5fc4c060e470c674b477e7a65f8d514 Mon Sep 17 00:00:00 2001
From: Jaquee <jaquee.monero@gmail.com>
Date: Fri, 11 Aug 2017 11:18:21 +0200
Subject: [PATCH 2/2] wallet_rpc_server: fix possible privacy leak in
 on_import_key_images()

---
 src/wallet/wallet_rpc_server.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index f014c573..133f93f9 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -1360,7 +1360,12 @@ namespace tools
       er.message = "Command unavailable in restricted mode.";
       return false;
     }
-
+    if (!m_trusted_daemon)
+    {
+      er.code = WALLET_RPC_ERROR_CODE_UNKNOWN_ERROR;
+      er.message = "This command requires a trusted daemon.";
+      return false;
+    }
     try
     {
       std::vector<std::pair<crypto::key_image, crypto::signature>> ski;