diff -ru sbin/spppcontrol.orig/spppcontrol.c sbin/spppcontrol/spppcontrol.c
--- sbin/spppcontrol.orig/spppcontrol.c	2003-08-08 01:18:41.000000000 -0300
+++ sbin/spppcontrol/spppcontrol.c	2004-10-26 14:35:50.557292536 -0300
@@ -80,7 +80,7 @@
 		usage();
 
 	ifname = argv[0];
-	strncpy(ifr.ifr_name, ifname, sizeof ifr.ifr_name);
+	strlcpy(ifr.ifr_name, ifname, sizeof ifr.ifr_name);
 
 	/* use a random AF to create the socket */
 	if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
@@ -128,11 +128,11 @@
 			else
 				errx(EX_DATAERR, "bad auth proto: %s", cp);
 		} else if (startswith("myauthname="))
-			strncpy(spr.defs.myauth.name, argv[0] + off,
+			strlcpy(spr.defs.myauth.name, argv[0] + off,
 				AUTHNAMELEN);
 		else if (startswith("myauthsecret=") ||
 			 startswith("myauthkey="))
-			strncpy(spr.defs.myauth.secret, argv[0] + off,
+			strlcpy(spr.defs.myauth.secret, argv[0] + off,
 				AUTHKEYLEN);
 		else if (startswith("hisauthproto=")) {
 			cp = argv[0] + off;
@@ -145,11 +145,11 @@
 			else
 				errx(EX_DATAERR, "bad auth proto: %s", cp);
 		} else if (startswith("hisauthname="))
-			strncpy(spr.defs.hisauth.name, argv[0] + off,
+			strlcpy(spr.defs.hisauth.name, argv[0] + off,
 				AUTHNAMELEN);
 		else if (startswith("hisauthsecret=") ||
 			 startswith("hisauthkey="))
-			strncpy(spr.defs.hisauth.secret, argv[0] + off,
+			strlcpy(spr.defs.hisauth.secret, argv[0] + off,
 				AUTHKEYLEN);
 		else if (strcmp(argv[0], "callin") == 0)
 			spr.defs.hisauth.flags |= AUTHFLAG_NOCALLOUT;
@@ -248,7 +248,7 @@
 	case PPP_PAP:	return "pap";
 	case PPP_CHAP:	return "chap";
 	}
-	sprintf(buf, "0x%x", (unsigned)proto);
+	snprintf(buf, sizeof(buf), "0x%x", (unsigned)proto);
 	return buf;
 }
 
@@ -258,8 +258,8 @@
 	static char buf[30];
 	buf[0] = '\0';
 	if (flags & AUTHFLAG_NOCALLOUT)
-		strcat(buf, " callin");
+		strlcat(buf, " callin", sizeof(buf));
 	if (flags & AUTHFLAG_NORECHALLENGE)
-		strcat(buf, " norechallenge");
+		strlcat(buf, " norechallenge", sizeof(buf));
 	return buf;
 }