diff -ru sbin/mountd.orig/mountd.c sbin/mountd/mountd.c
--- sbin/mountd.orig/mountd.c	2004-02-04 15:40:00.000000000 -0200
+++ sbin/mountd/mountd.c	2004-10-25 21:28:45.000000000 -0200
@@ -266,11 +266,10 @@
 	grphead = (struct grouplist *)NULL;
 	exphead = (struct exportlist *)NULL;
 	mlhead = (struct mountlist *)NULL;
-	if (argc == 1) {
-		strncpy(exname, *argv, MAXPATHLEN-1);
-		exname[MAXPATHLEN-1] = '\0';
-	} else
-		strcpy(exname, _PATH_EXPORTS);
+	if (argc == 1)
+		strlcpy(exname, *argv, MAXPATHLEN);
+	else
+		strlcpy(exname, _PATH_EXPORTS, MAXPATHLEN);
 	openlog("mountd", LOG_PID, LOG_DAEMON);
 	if (debug)
 		warnx("getting export list");
@@ -835,13 +834,13 @@
 				     */
 				    ep = ex_search(&fsb.f_fsid);
 				    if (ep == (struct exportlist *)NULL) {
+					size_t mntlen = strlen(fsb.f_mntonname) + 1;
 					ep = get_exp();
 					ep->ex_fs = fsb.f_fsid;
-					ep->ex_fsdir = (char *)
-					    malloc(strlen(fsb.f_mntonname) + 1);
+					ep->ex_fsdir = (char *)malloc(mntlen);
 					if (ep->ex_fsdir)
-					    strcpy(ep->ex_fsdir,
-						fsb.f_mntonname);
+					    strlcpy(ep->ex_fsdir, fsb.f_mntonname,
+						    mntlen);
 					else
 					    out_of_mem();
 					if (debug)
@@ -1080,7 +1079,7 @@
 	dp->dp_right = (struct dirlist *)NULL;
 	dp->dp_flag = 0;
 	dp->dp_hosts = (struct hostlist *)NULL;
-	strcpy(dp->dp_dirp, cp);
+	strlcpy(dp->dp_dirp, cp, len);
 	*dpp = dp;
 	return (dp->dp_dirp);
 }
@@ -1716,7 +1715,7 @@
 		net->nt_name = (char *)malloc(strlen(name) + 1);
 		if (net->nt_name == (char *)NULL)
 			out_of_mem();
-		strcpy(net->nt_name, name);
+		strlcpy(net->nt_name, name, strlen(name)+1);
 		net->nt_net = inetaddr.s_addr;
 	}
 	return (0);
@@ -1898,10 +1897,8 @@
 		mlp = (struct mountlist *)malloc(sizeof (*mlp));
 		if (mlp == (struct mountlist *)NULL)
 			out_of_mem();
-		strncpy(mlp->ml_host, host, RPCMNT_NAMELEN);
-		mlp->ml_host[RPCMNT_NAMELEN] = '\0';
-		strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN);
-		mlp->ml_dirp[RPCMNT_PATHLEN] = '\0';
+		strlcpy(mlp->ml_host, host, sizeof(mlp->ml_host));
+		strlcpy(mlp->ml_dirp, dirp, sizeof(mlp->ml_dirp));
 		mlp->ml_next = (struct mountlist *)NULL;
 		*mlpp = mlp;
 		mlpp = &mlp->ml_next;
@@ -1962,10 +1959,8 @@
 	mlp = (struct mountlist *)malloc(sizeof (*mlp));
 	if (mlp == (struct mountlist *)NULL)
 		out_of_mem();
-	strncpy(mlp->ml_host, hostp, RPCMNT_NAMELEN);
-	mlp->ml_host[RPCMNT_NAMELEN] = '\0';
-	strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN);
-	mlp->ml_dirp[RPCMNT_PATHLEN] = '\0';
+	strlcpy(mlp->ml_host, hostp, sizeof(mlp->ml_host));
+	strlcpy(mlp->ml_dirp, dirp, sizeof(mlp->ml_dirp));
 	mlp->ml_next = (struct mountlist *)NULL;
 	*mlpp = mlp;
 	if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) {