diff -urN BitchX/source/misc.c BitchX-patched/source/misc.c
--- BitchX/source/misc.c	2003-06-11 07:00:42.000000000 +0000
+++ BitchX-patched/source/misc.c	2004-06-13 21:16:32.000000000 +0000
@@ -3114,7 +3114,7 @@
 	atsign = strchr(hostname, '@');
 	if (atsign) {
 		if (*hostname == '~') {
-			strcpy(result, "~*@");
+			strmcpy(result, "~*@", sizeof(result)-1);
 		} else {
 			size_t ident_len = atsign - hostname;
 			
@@ -3184,7 +3184,7 @@
 		 * result is 11 */
 		strcat(result, "*");
 		if (my_stricmp(host, temphost))
-			strcat(result, ".");
+			strmcat(result, ".", sizeof(result)-1);
 		strlcat(result, host, sizeof result);
 	}
 	return result;
diff -urN BitchX/source/notice.c BitchX-patched/source/notice.c
--- BitchX/source/notice.c	2003-04-11 01:09:07.000000000 +0000
+++ BitchX-patched/source/notice.c	2004-06-13 21:11:16.000000000 +0000
@@ -422,7 +422,7 @@
 	{
 		char *q = strchr(line, ':');
 		char *port = empty_string;
-		int conn = !strncmp(line+7, "connect", 7) ? 1 : 0;
+		int conn = strlen(line) > 7 && !strncmp(line+7, "connect", 7) ? 1 : 0;
 		int dalnet = 0, ircnet = 0;
 
 		if (strlen(line) >= 19 && line[18] == ':')
@@ -462,7 +462,7 @@
 		    else sscanf(p, "%s was %s from %s", for_, fr, temp);
 
 		    q = p;
-		    sprintf(q, "%s@%s", fr, temp);
+		    snprintf(q, strlen(q)+1, "%s@%s", fr, temp);
 		    if (!conn) 
 		    {
 			port = strstr(temp2, "reason:");
diff -urN BitchX/source/server.c BitchX-patched/source/server.c
--- BitchX/source/server.c	2003-06-11 07:00:43.000000000 +0000
+++ BitchX-patched/source/server.c	2004-06-13 21:02:39.000000000 +0000
@@ -513,11 +513,11 @@
 					}
 					else
 #endif
-						junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE, server_list[i].ssl_fd);
+						junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE/2, server_list[i].ssl_fd);
 				}
 				else
 #endif
-					junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE, NULL);
+					junk = dgets(bufptr, des, 1, BIG_BUFFER_SIZE/2, NULL);
 			}
 			switch (junk)
 			{
@@ -1777,7 +1777,7 @@
 			default:
 				if (FD_ISSET(des, &rd))
 				{
-					if (!dgets(buffer, des, 0, BIG_BUFFER_SIZE, NULL))
+					if (!dgets(buffer, des, 0, BIG_BUFFER_SIZE/2, NULL))
 						flushing = 0;
 				}
 				break;
@@ -1787,7 +1787,7 @@
 	FD_ZERO(&rd);
 	FD_SET(des, &rd);
 	if (new_select(&rd, NULL, &timeout) > 0)
-		dgets(buffer, des, 1, BIG_BUFFER_SIZE, NULL);
+		dgets(buffer, des, 1, BIG_BUFFER_SIZE/2, NULL);
 }