Fix for CVE-2014-0076

[oweals/openssl.git] / crypto / des / ecb_enc.c

diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index 1b70f68806d9d91c4b1860a3c935b1635422ae73..0684e769b3e0892db41e1e8b716861721e296e6c 100644 (file)
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -58,11 +58,11 @@
 
 #include "des_locl.h"
 #include "des_ver.h"
-#include "spr.h"
 #include <openssl/opensslv.h>
+#include <openssl/bio.h>
 
-OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT;
-OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT;
 
 const char *DES_options(void)
        {
@@ -91,13 +91,14 @@ const char *DES_options(void)
 #ifdef DES_UNROLL
                unroll="16";
 #else
-               unroll="4";
+               unroll="2";
 #endif
                if (sizeof(DES_LONG) != sizeof(long))
                        size="int";
                else
                        size="long";
-               sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
+               BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
+                            size);
                init=0;
                }
        return(buf);