diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 7436a50ad14d16ed0c573e6ec91363fc094e7218..a5b2b970567e7056a3387116d35b15babaa48684 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -975,13 +975,14 @@ char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len)
 
 	if (buf == NULL)
 		{
-		buf=Malloc(128);
+		len=128;
+		buf=Malloc(len);
 		if (buf == NULL) return("Malloc Error");
 		}
 	else if (len < 128)
 		return("Buffer too small");
 
-	sprintf(buf,format,cipher->name,ver,kx,au,enc,mac,exp);
+	BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp);
 	return(buf);
 	}