--- main.c.orig	Mon Feb 13 19:38:23 2006
+++ main.c	Mon Jan  1 18:26:21 2007
@@ -51,7 +51,7 @@ static void write_magic(int fd_in, int f
 	uint32_t v;
 
 	memset(magic, 0, sizeof(magic));
-	strcpy(magic, "RZIP");
+	strncpy(magic, "RZIP", 4);
 	magic[4] = RZIP_MAJOR_VERSION;
 	magic[5] = RZIP_MINOR_VERSION;
 
@@ -131,6 +131,9 @@ static void decompress_file(struct rzip_
 
 	if (control->outname) {
 		control->outfile = strdup(control->outname);
+		if (control->outfile == NULL) {
+			fatal("Failed to allocate memory for output filename");
+		}
 	} else {
 		if (strlen(control->suffix) >= strlen(control->infile) ||
 		    strcmp(control->suffix, 
@@ -140,6 +143,9 @@ static void decompress_file(struct rzip_
 		}
 		
 		control->outfile = strdup(control->infile);
+		if (control->outfile == NULL) {
+			fatal("Failed to allocate memory for output filename");
+		}
 		control->outfile[strlen(control->infile) - strlen(control->suffix)] = 0;
 	}
 
@@ -208,14 +214,19 @@ static void compress_file(struct rzip_co
 
 	if (control->outname) {
 		control->outfile = strdup(control->outname);
+		if (control->outfile == NULL) {
+			fatal("Failed to allocate memory for output filename");
+		}
 	} else {
-		control->outfile = malloc(strlen(control->infile) + 
-					  strlen(control->suffix) + 1);
+		size_t len;
+
+		len = strlen(control->infile) + strlen(control->suffix) + 1;
+		control->outfile = malloc(len);
 		if (!control->outfile) {
 			fatal("Failed to allocate outfile name\n");
 		}
-		strcpy(control->outfile, control->infile);
-		strcat(control->outfile, control->suffix);
+		strlcpy(control->outfile, control->infile, len);
+		strlcat(control->outfile, control->suffix, len);
 	}
 
 	fd_in = open(control->infile,O_RDONLY);