commit 50a8a8806059647a3e446fd129995af61ec54867
Author: Ingo Franzki <ifranzki@linux.ibm.com>
Date:   Tue Dec 3 14:58:26 2019 +0100

    EP11: Fix EC-uncompress buffer length
    
    Function ec_uncompress_public_key() expects the size of the output
    buffer in out_pubkey to be specified in the out_len parameter.
    However, variable pubkey_len is uninitialized when calling
    ec_uncompress_public_key(), so this may result in CKR_BUFFER_TOO_SMALL
    dependent on the value of pubkey_len.
    Fix this by setting pubkey_len to the size of the public key buffer
    allocated above.
    
    Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

diff --git a/usr/lib/ep11_stdll/ep11_specific.c b/usr/lib/ep11_stdll/ep11_specific.c
index 38b6708f..10dfe4e0 100644
--- a/usr/lib/ep11_stdll/ep11_specific.c
+++ b/usr/lib/ep11_stdll/ep11_specific.c
@@ -2034,9 +2034,10 @@ static CK_RV import_EC_key(STDLL_TokData_t * tokdata, SESSION * sess,
         rc = get_ecsiglen(ec_key_obj, &privkey_len);
         if (rc != CKR_OK)
             goto import_EC_key_end;
-        privkey_len /= 2; /* Public key is half the size of an EC signature */
+        privkey_len /= 2; /* private key is half the size of an EC signature */
 
-        pubkey = (CK_BYTE *)malloc(1 + 2 * privkey_len);
+        pubkey_len = 1 + 2 * privkey_len;
+        pubkey = (CK_BYTE *)malloc(pubkey_len);
         if (pubkey == NULL) {
             rc = CKR_HOST_MEMORY;
             goto import_EC_key_end;