diff -ru sbin/sysctl.orig/sysctl.c sbin/sysctl/sysctl.c
--- sbin/sysctl.orig/sysctl.c	2004-05-31 11:59:34.000000000 -0300
+++ sbin/sysctl/sysctl.c	2004-10-26 14:55:43.498871967 -0300
@@ -56,7 +56,7 @@
 
 static int	aflag, bflag, dflag, eflag, Nflag, nflag, oflag, xflag;
 
-static int	oidfmt(int *, int, char *, u_int *);
+static int	oidfmt(int *, int, char *, size_t, u_int *);
 static void	parse(char *);
 static int	show_var(int *, int);
 static int	sysctl_all (int *oid, int len);
@@ -172,7 +172,7 @@
 	if (len < 0) 
 		errx(1, "unknown oid '%s'", bufp);
 
-	if (oidfmt(mib, len, fmt, &kind))
+	if (oidfmt(mib, len, fmt, sizeof(fmt), &kind))
 		err(1, "couldn't find format of oid '%s'", bufp);
 
 	if (newval == NULL) {
@@ -374,7 +374,7 @@
 }
 
 static int
-oidfmt(int *oid, int len, char *fmt, u_int *kind)
+oidfmt(int *oid, int len, char *fmt, size_t fmtlen, u_int *kind)
 {
 	int qoid[CTL_MAXNAME+2];
 	u_char buf[BUFSIZ];
@@ -394,7 +394,7 @@
 		*kind = *(u_int *)buf;
 
 	if (fmt)
-		strcpy(fmt, (char *)(buf + sizeof(u_int)));
+		strlcpy(fmt, (char *)(buf + sizeof(u_int)), fmtlen);
 	return 0;
 }
 
@@ -512,7 +512,7 @@
 
 	val[len] = '\0';
 	fmt = buf;
-	oidfmt(oid, nlen, fmt, &kind);
+	oidfmt(oid, nlen, fmt, sizeof(buf), &kind);
 	p = val;
 	switch (*fmt) {
 	case 'A':