diff -ru sbin/quotacheck.orig/quotacheck.c sbin/quotacheck/quotacheck.c
--- sbin/quotacheck.orig/quotacheck.c	2004-09-03 19:40:21.000000000 -0300
+++ sbin/quotacheck/quotacheck.c	2004-10-25 22:29:08.000000000 -0200
@@ -214,11 +214,11 @@
 		errx(1, "malloc failed");
 	qnp->flags = 0;
 	if (gflag && hasquota(fs, GRPQUOTA, &qfnp)) {
-		strcpy(qnp->grpqfname, qfnp);
+		strlcpy(qnp->grpqfname, qfnp, sizeof(qnp->grpqfname));
 		qnp->flags |= HASGRP;
 	}
 	if (uflag && hasquota(fs, USRQUOTA, &qfnp)) {
-		strcpy(qnp->usrqfname, qfnp);
+		strlcpy(qnp->usrqfname, qfnp, sizeof(qnp->usrqfname));
 		qnp->flags |= HASUSR;
 	}
 	if (qnp->flags)
@@ -434,7 +434,7 @@
 		    "%s%s", qfextension[GRPQUOTA], qfname);
 		initname = 1;
 	}
-	strcpy(buf, fs->fs_mntops);
+	strlcpy(buf, fs->fs_mntops, sizeof(buf));
 	for (opt = strtok(buf, ","); opt; opt = strtok(NULL, ",")) {
 		if ((cp = strchr(opt, '=')) != NULL)
 			*cp++ = '\0';
@@ -497,7 +497,7 @@
 	if (name)
 		bcopy(name, fup->fu_name, len + 1);
 	else {
-		(void)sprintf(fup->fu_name, "%lu", id);
+		snprintf(fup->fu_name, len, "%lu", id);
 		if (vflag) 
 			printf("unknown %cid: %lu\n", 
 			    type == USRQUOTA ? 'u' : 'g', id);