--- extras/htpasswd.c
+++ extras/htpasswd.c
@@ -186,15 +186,16 @@
         fprintf(stderr,"Use -c option to create new one.\n");
         exit(1);
     }
-    strcpy(user,argv[2]);
-
+    strncpy(user,argv[2],MAX_STRING_LEN);
+    user[MAX_STRING_LEN-1]='\0';
     found = 0;
     while(!(getline(line,MAX_STRING_LEN,f))) {
         if(found || (line[0] == '#') || (!line[0])) {
             putline(tfp,line);
             continue;
         }
-        strcpy(l,line);
+        strncpy(l,line,MAX_STRING_LEN);
+        l[MAX_STRING_LEN-1]='\0';
         getword(w,l,':');
         if(strcmp(user,w)) {
             putline(tfp,line);
@@ -212,7 +213,8 @@
     }
     fclose(f);
     fclose(tfp);
-    sprintf(command,"cp %s %s",temp_template,argv[1]);
+    snprintf(command,MAX_STRING_LEN,"cp %s %s",temp_template,argv[1]);
+    command[MAX_STRING_LEN-1]='\0';
     system(command);
     unlink(temp_template);
     exit(0);