diff -ru sbin/umount.orig/umount.c sbin/umount/umount.c
--- sbin/umount.orig/umount.c	2003-06-17 01:27:34.000000000 -0300
+++ sbin/umount/umount.c	2004-10-26 15:19:05.076124573 -0300
@@ -65,7 +65,7 @@
 int	 checkvfsname (const char *, char **);
 char	*getmntname (const char *, const char *,
 	 mntwhat, char **, dowhat);
-char 	*getrealname(char *, char *resolved_path);
+char 	*getrealname(char *, char *resolved_path, size_t);
 char   **makevfslist (const char *);
 size_t	 mntinfo (struct statfs **);
 int	 namematch (struct hostent *);
@@ -184,6 +184,7 @@
 	int rval;
 	char *cp;
 	static int firstcall = 1;
+	size_t len;
 
 	if ((fs = getfsent()) != NULL)
 		firstcall = 0;
@@ -216,9 +217,10 @@
 		 * that they were mounted.  So, we save off the file name
 		 * in some allocated memory, and then call recursively.
 		 */
-		if ((cp = malloc((size_t)strlen(fs->fs_file) + 1)) == NULL)
+		len = strlen(fs->fs_file) + 1;
+		if ((cp = malloc(len)) == NULL)
 			err(1, "malloc failed");
-		(void)strcpy(cp, fs->fs_file);
+		strlcpy(cp, fs->fs_file, len);
 		rval = umountall(typelist);
 		rval = umountfs(cp, typelist) || rval;
 		free(cp);
@@ -308,8 +310,9 @@
 			 * Check the name in mounttable one last time.
 			 */
 			if (mntfromname == NULL && mntonname == NULL) {
-				(void)strcpy(name, origname);
-				if ((getrealname(name, realname)) != NULL) {
+				strlcpy(name, origname, strlen(name)+1);
+				if ((getrealname(name, realname,
+				    sizeof(realname))) != NULL) {
 					(void)checkmntlist(realname,
 					    &mntfromname, &mntonname, &type);
 					resolved = realname;
@@ -318,7 +321,7 @@
 				 * All tests failed, return to main()
 				 */
 				if (mntfromname == NULL && mntonname == NULL) {
-					(void)strcpy(name, origname);
+					strlcpy(name, origname, strlen(name)+1);
 					warnx("%s: not currently mounted",
 					    origname);
 					free(origname);
@@ -604,7 +607,7 @@
 }
 
 char *
-getrealname(char *name, char *realname)
+getrealname(char *name, char *realname, size_t rnlen)
 {
 	char *dirname;
 	int havedir;
@@ -615,10 +618,10 @@
 	havedir = 0;
 	if (*name == '/') {
 		if (ISDOT(name + 1) || ISDOTDOT(name + 1))
-			strcpy(realname, "/");
+			strlcpy(realname, "/", rnlen);
 		else {
 			if ((dirname = strrchr(name + 1, '/')) == NULL)
-				snprintf(realname, MAXPATHLEN, "%s", name);
+				snprintf(realname, rnlen, "%s", name);
 			else
 				havedir = 1;
 		}