diff --git a/usr.bin/netstat/if.c b/usr.bin/netstat/if.c
index d3c6f689f656..a5a73341203b 100644
--- a/usr.bin/netstat/if.c
+++ b/usr.bin/netstat/if.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: if.c,v 1.47 2001/02/19 23:03:50 cgd Exp $	*/
+/*	$NetBSD: if.c,v 1.48 2001/04/06 05:10:28 itojun Exp $	*/
 
 /*
  * Copyright (c) 1983, 1988, 1993
@@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "from: @(#)if.c	8.2 (Berkeley) 2/21/94";
 #else
-__RCSID("$NetBSD: if.c,v 1.47 2001/02/19 23:03:50 cgd Exp $");
+__RCSID("$NetBSD: if.c,v 1.48 2001/04/06 05:10:28 itojun Exp $");
 #endif
 #endif /* not lint */
 
@@ -295,7 +295,8 @@ intpr(interval, ifnetaddr, pfunc)
 						    sin6.sin6_len, hbuf,
 						    sizeof(hbuf), NULL, 0,
 						    niflag) != 0) {
-							strcpy(hbuf, "??");
+							strlcpy(hbuf, "??",
+							    sizeof(hbuf));
 						}
 						cp = hbuf;
 						if (vflag)
@@ -325,7 +326,7 @@ intpr(interval, ifnetaddr, pfunc)
 				char netnum[8];
 
 				*(union ns_net *)&net = sns->sns_addr.x_net;
-				(void)sprintf(netnum, "%xH",
+				(void)snprintf(netnum, sizeof(netnum), "%xH",
 				    (u_int32_t)ntohl(net));
 				upHex(netnum);
 				printf("ns:%-10s ", netnum);
diff --git a/usr.bin/netstat/inet.c b/usr.bin/netstat/inet.c
index 18312e767eae..a85ee181f154 100644
--- a/usr.bin/netstat/inet.c
+++ b/usr.bin/netstat/inet.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: inet.c,v 1.44 2001/03/20 17:00:08 itojun Exp $	*/
+/*	$NetBSD: inet.c,v 1.45 2001/04/06 05:10:28 itojun Exp $	*/
 
 /*
  * Copyright (c) 1983, 1988, 1993
@@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "from: @(#)inet.c	8.4 (Berkeley) 4/20/94";
 #else
-__RCSID("$NetBSD: inet.c,v 1.44 2001/03/20 17:00:08 itojun Exp $");
+__RCSID("$NetBSD: inet.c,v 1.45 2001/04/06 05:10:28 itojun Exp $");
 #endif
 #endif /* not lint */
 
@@ -608,7 +608,7 @@ inetname(inp)
 		if (gethostname(domain, sizeof domain) == 0) {
 			domain[sizeof(domain) - 1] = '\0';
 			if ((cp = strchr(domain, '.')))
-				(void) strcpy(domain, cp + 1);
+				(void) strlcpy(domain, cp + 1, sizeof(domain));
 			else
 				domain[0] = 0;
 		} else
diff --git a/usr.bin/netstat/inet6.c b/usr.bin/netstat/inet6.c
index 98b3a7684d9e..e9682c44965c 100644
--- a/usr.bin/netstat/inet6.c
+++ b/usr.bin/netstat/inet6.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: inet6.c,v 1.18 2001/03/20 17:02:33 itojun Exp $	*/
+/*	$NetBSD: inet6.c,v 1.19 2001/04/06 05:10:28 itojun Exp $	*/
 /*	BSDI inet.c,v 2.3 1995/10/24 02:19:29 prb Exp	*/
 
 /*
@@ -68,7 +68,7 @@
 #if 0
 static char sccsid[] = "@(#)inet.c	8.4 (Berkeley) 4/20/94";
 #else
-__RCSID("$NetBSD: inet6.c,v 1.18 2001/03/20 17:02:33 itojun Exp $");
+__RCSID("$NetBSD: inet6.c,v 1.19 2001/04/06 05:10:28 itojun Exp $");
 #endif
 #endif /* not lint */
 
@@ -633,8 +633,8 @@ ip6_ifstats(ifname)
 		return;
 	}
 
-	strcpy(ifr.ifr_name, ifname);
-	printf("ip6 on %s:\n", ifr.ifr_name);
+	strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+	printf("ip6 on %s:\n", ifname);
 
 	if (ioctl(s, SIOCGIFSTAT_IN6, (char *)&ifr) < 0) {
 		perror("Warning: ioctl(SIOCGIFSTAT_IN6)");
@@ -1024,8 +1024,8 @@ icmp6_ifstats(ifname)
 		return;
 	}
 
-	strcpy(ifr.ifr_name, ifname);
-	printf("icmp6 on %s:\n", ifr.ifr_name);
+	strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
+	printf("icmp6 on %s:\n", ifname);
 
 	if (ioctl(s, SIOCGIFSTAT_ICMP6, (char *)&ifr) < 0) {
 		perror("Warning: ioctl(SIOCGIFSTAT_ICMP6)");
@@ -1127,14 +1127,16 @@ do {\
 	width = Aflag ? 12 : 16;
 	if (vflag && width < strlen(inet6name(in6)))
 		width = strlen(inet6name(in6));
-	sprintf(line, "%.*s.", width, inet6name(in6));
+	snprintf(line, sizeof(line), "%.*s.", width, inet6name(in6));
 	cp = index(line, '\0');
 	if (!nflag && port)
 		GETSERVBYPORT6(port, proto, sp);
 	if (sp || port == 0)
-		sprintf(cp, "%.8s", sp ? sp->s_name : "*");
+		snprintf(cp, sizeof(line) - (cp - line),
+		    "%.8s", sp ? sp->s_name : "*");
 	else
-		sprintf(cp, "%d", ntohs((u_short)port));
+		snprintf(cp, sizeof(line) - (cp - line),
+		    "%d", ntohs((u_short)port));
 	width = Aflag ? 18 : 22;
 	if (vflag && width < strlen(line))
 		width = strlen(line);
@@ -1168,7 +1170,7 @@ inet6name(in6p)
 		first = 0;
 		if (gethostname(domain, MAXHOSTNAMELEN) == 0 &&
 		    (cp = index(domain, '.')))
-			(void) strcpy(domain, cp + 1);
+			(void) strlcpy(domain, cp + 1, sizeof(domain));
 		else
 			domain[0] = 0;
 	}
@@ -1201,7 +1203,7 @@ inet6name(in6p)
 #endif
 		if (getnameinfo((struct sockaddr *)&sin6, sin6.sin6_len,
 				hbuf, sizeof(hbuf), NULL, 0, niflag) != 0)
-			strcpy(hbuf, "?");
+			strlcpy(hbuf, "?", sizeof(hbuf));
 		strlcpy(line, hbuf, sizeof(line));
 	}
 	return (line);
diff --git a/usr.bin/netstat/route.c b/usr.bin/netstat/route.c
index 96b2d33d75cb..6087237c5f74 100644
--- a/usr.bin/netstat/route.c
+++ b/usr.bin/netstat/route.c
@@ -1,4 +1,4 @@
-/*	$NetBSD: route.c,v 1.54 2001/03/08 03:47:04 enami Exp $	*/
+/*	$NetBSD: route.c,v 1.55 2001/04/06 05:10:28 itojun Exp $	*/
 
 /*
  * Copyright (c) 1983, 1988, 1993
@@ -38,7 +38,7 @@
 #if 0
 static char sccsid[] = "from: @(#)route.c	8.3 (Berkeley) 3/9/94";
 #else
-__RCSID("$NetBSD: route.c,v 1.54 2001/03/08 03:47:04 enami Exp $");
+__RCSID("$NetBSD: route.c,v 1.55 2001/04/06 05:10:28 itojun Exp $");
 #endif
 #endif /* not lint */
 
@@ -422,6 +422,7 @@ p_sockaddr(sa, mask, flags, width)
 {
 	char workbuf[128], *cplim;
 	char *cp = workbuf;
+	char *ep = workbuf + sizeof(workbuf);
 
 	switch(sa->sa_family) {
 	case AF_INET:
@@ -510,7 +511,8 @@ p_sockaddr(sa, mask, flags, width)
 			cplim = "";
 			for (i = 0; i < alen; i++, lla++) {
 				/* XXX */
-				cp += sprintf(cp, "%s%02x", cplim, *lla);
+				cp += snprintf(cp, ep - cp,
+				    "%s%02x", cplim, *lla);
 				cplim = ":";
 			}
 			cp = workbuf;
@@ -529,11 +531,11 @@ p_sockaddr(sa, mask, flags, width)
 
 		slim =  sa->sa_len + (u_char *) sa;
 		cplim = cp + sizeof(workbuf) - 6;
-		cp += sprintf(cp, "(%d)", sa->sa_family);
+		cp += snprintf(cp, ep - cp, "(%d)", sa->sa_family);
 		while (s < slim && cp < cplim) {
-			cp += sprintf(cp, " %02x", *s++);
+			cp += snprintf(cp, ep - cp, " %02x", *s++);
 			if (s < slim)
-			    cp += sprintf(cp, "%02x", *s++);
+			    cp += snprintf(cp, ep - cp, "%02x", *s++);
 		}
 		cp = workbuf;
 	    }
@@ -661,7 +663,7 @@ routename(in)
 		if (gethostname(domain, MAXHOSTNAMELEN) == 0) {
 			domain[sizeof(domain) - 1] = '\0';
 			if ((cp = strchr(domain, '.')))
-				(void)strcpy(domain, cp + 1);
+				(void)strlcpy(domain, cp + 1, sizeof(domain));
 			else
 				domain[0] = 0;
 		} else
@@ -894,10 +896,11 @@ netname6(sa6, mask)
 	error = getnameinfo((struct sockaddr *)&sin6, sin6.sin6_len,
 			line, sizeof(line), NULL, 0, flag);
 	if (error)
-		strcpy(line, "invalid");
+		strlcpy(line, "invalid", sizeof(line));
 
 	if (nflag)
-		sprintf(&line[strlen(line)], "/%d", masklen);
+		snprintf(&line[strlen(line)], sizeof(line) - strlen(line),
+		    "/%d", masklen);
 
 	return line;
 }
@@ -928,7 +931,7 @@ routename6(sa6)
 	error = getnameinfo((struct sockaddr *)&sa6_local, sa6_local.sin6_len,
 			line, sizeof(line), NULL, 0, flag);
 	if (error)
-		strcpy(line, "invalid");
+		strlcpy(line, "invalid", sizeof(line));
 
 	return line;
 }