diff --git a/src/core/debug.cpp b/src/core/debug.cpp
index 7c285bb..a8be328 100644
--- a/src/core/debug.cpp
+++ b/src/core/debug.cpp
@@ -63,7 +63,7 @@ cDebug::cDebug(const char* label)
 
 cDebug::cDebug(const cDebug &rhs)
 {
-    strncpy(mLabel, rhs.mLabel, MAX_LABEL);
+    strlcpy(mLabel, rhs.mLabel, MAX_LABEL);
 }
 
 cDebug::~cDebug()
diff --git a/src/core/msystem.cpp b/src/core/msystem.cpp
index c551aee..8aa12fa 100644
--- a/src/core/msystem.cpp
+++ b/src/core/msystem.cpp
@@ -225,9 +225,10 @@ char *getenv();             /* get variable from environment */
         /*
          * allocate space for the string, and copy if successful
          */
-        if ((p = (char*)malloc((unsigned)((strlen(str)+1)*sizeof(char)))) 
+        size_t p_size = (strlen(str)+1)*sizeof(char);
+        if ((p = (char*)malloc((unsigned)(p_size)))
                                     != NULL)
-            (void) strcpy(p, str);
+            (void) strlcpy(p, str, p_size);
         return(p);
     }
 #endif
@@ -402,21 +403,22 @@ char *env;
      * just include it from the current environment
      * (if not defined there, don't define it here)
      */
+    size_t p_size=0;
     if (strchr(env, '=') == NULL){
         /* is it defined locally? */
         if ((q = getenv(env)) == NULL){
             /* no -- don't define it here */
             return(SE_NONE);
         }
-        else if ((p = (char*)malloc((unsigned) (strlen(env)+strlen(q)+2)))
+        else if ((p = (char*)malloc((unsigned) (p_size = (strlen(env)+strlen(q)+2))))
                                       == NULL){
             ERMSG("ran out of memory");
             return(SE_NOMEM);
         }
         else{
-            (void) strcpy(p, env);
-            (void) strcat(p, "=");
-            (void) strcat(p, q);
+            (void) strlcpy(p, env, p_size);
+            (void) strlcat(p, "=", p_size);
+            (void) strlcat(p, q, p_size);
         }
     }
     else if ((p = strdup(env)) == NULL){
diff --git a/src/core/unixfsservices.cpp b/src/core/unixfsservices.cpp
index 6ebf4d1..ca6493f 100644
--- a/src/core/unixfsservices.cpp
+++ b/src/core/unixfsservices.cpp
@@ -264,7 +264,7 @@ TSTRING& cUnixFSServices::MakeTempFilename( TSTRING& strName ) const throw(eFSSe
     char szTemplate[iFSServices::TW_MAX_PATH];
     int fd;
 
-    strncpy( szTemplate, strName.c_str(), iFSServices::TW_MAX_PATH );
+    strlcpy( szTemplate, strName.c_str(), iFSServices::TW_MAX_PATH );
 
 #ifdef HAVE_MKSTEMP
      // create temp filename and check to see if mkstemp failed                 
@@ -605,7 +605,7 @@ bool cUnixFSServices::GetGroupName( gid_t group_id, TSTRING& tstrGroup ) const
 void cUnixFSServices::ConvertModeToString( uint64 perm, TSTRING& tstrPerm ) const
 {   
     TCHAR szPerm[11]; //10 permission bits plus the NULL
-    strncpy( szPerm, _T("----------"), 11);
+    strlcpy( szPerm, _T("----------"), 11);
 
     ASSERT( sizeof(unsigned short) <= sizeof(uint32) );
     // We do this in case an "unsigned short" is ever larger than the
@@ -912,7 +912,7 @@ bool util_PathFind( TSTRING& strFullPath, const TSTRING& strFilename )
     //
     // get the path environment variable
     //
-    TCHAR* pszPathVar = _tgetenv("PATH");
+    TCHAR* pszPathVar = getenv("PATH");
     if( pszPathVar != NULL )
     {
         //
diff --git a/src/fco/fconametbl.cpp b/src/fco/fconametbl.cpp
index c4e2ba8..edc2c8f 100644
--- a/src/fco/fconametbl.cpp
+++ b/src/fco/fconametbl.cpp
@@ -112,7 +112,7 @@ void cFCONameTblNode::SetString(const TSTRING& newStr)
     
     size_t alloc_size = sizeof(TCHAR)*(newStr.length()+1);
     mpString = (TCHAR*)util_AllocMem(alloc_size);
-    strncpy( mpString, newStr.c_str(), alloc_size );
+    strlcpy( mpString, newStr.c_str(), alloc_size );
 
     // NOTE -- the lower case pointer is now invalid.
 }
@@ -187,7 +187,7 @@ cFCONameTblNode* cFCONameTbl::CreateNode(const TSTRING& nodeName)
     // TODO:BAM -- does this have any meaning in mb?
     for(i = lowStr.begin(); i != lowStr.end(); ++i)
     {
-        *i = _totlower(*i);
+        *i = tolower(*i);
     }
     // see if this exists in the table (it could potentially look up itself!)
     if(mTable.Lookup(lowStr.c_str(), pLowerNode))
diff --git a/src/fco/signature.cpp b/src/fco/signature.cpp
index 27e59f9..4f8dd1c 100644
--- a/src/fco/signature.cpp
+++ b/src/fco/signature.cpp
@@ -557,7 +557,7 @@ TSTRING cMD5Signature::AsStringHex() const
     for(int i = 0; i < SIG_BYTE_SIZE; ++i)
     {
         snprintf(stringBuffer, 128, _T("%02lx"), (unsigned long)dbuf[i]);
-        strncat(sigStringOut, stringBuffer, 128);
+        strlcat(sigStringOut, stringBuffer, 128);
     }
     ret.append(sigStringOut);
 
@@ -680,7 +680,7 @@ TSTRING cSHASignature::AsStringHex() const
     for (int i=0; i < SIG_UINT32_SIZE*(int)sizeof(uint32); ++i)
     {
         snprintf(stringBuffer, 128, _T("%02x"), dbuf[i]);
-        strncat(sigStringOut, stringBuffer, 128);
+        strlcat(sigStringOut, stringBuffer, 128);
     }
     ret.append(sigStringOut);
     
@@ -755,7 +755,7 @@ TSTRING cSHASignature::AsStringHex() const
     for (int i=0; i < SIG_UINT32_SIZE; ++i)
     {
         snprintf(stringBuffer, 128, _T("%08x"), mSHAInfo.digest[i]);
-        strncat(sigStringOut, stringBuffer, 128);
+        strlcat(sigStringOut, stringBuffer, 128);
     }
     ret.append(sigStringOut);
     
@@ -857,7 +857,7 @@ TSTRING cHAVALSignature::AsStringHex() const
     for (int i=0; i < SIG_BYTE_SIZE; ++i)
     {
         snprintf(stringBuffer, 128, _T("%02x"), mSignature[i]);
-        strncat(sigStringOut, stringBuffer, 128);
+        strlcat(sigStringOut, stringBuffer, 128);
     }
     ret.append(sigStringOut);
 
diff --git a/src/tripwire/smtpmailmessage.cpp b/src/tripwire/smtpmailmessage.cpp
index 9e63bc7..655e11f 100644
--- a/src/tripwire/smtpmailmessage.cpp
+++ b/src/tripwire/smtpmailmessage.cpp
@@ -90,7 +90,7 @@ static int gethostname( char* name, int namelen )
     
     if ( strlen( myname.nodename ) < (unsigned int)namelen )
     {
-        strncpy( name, myname.nodename, namelen );
+        strlcpy( name, myname.nodename, namelen );
         return 0;
     }
     else
@@ -100,7 +100,7 @@ static int gethostname( char* name, int namelen )
             // equivalent of SOCKET_ERROR
     }
 #else
-    strncpy(name, "localhost", namelen);
+    strlcpy(name, "localhost", namelen);
 #endif
 
 }
diff --git a/src/twparser/yyparse.cpp b/src/twparser/yyparse.cpp
index 9deb903..806f7a7 100644
--- a/src/twparser/yyparse.cpp
+++ b/src/twparser/yyparse.cpp
@@ -1393,7 +1393,7 @@ yy_parse::yyExpandName(int num, int isrule, char * buf, int len)
 
     for (endp = buf + len - 8; *s; s++) {
         if (buf >= endp) {      /* too large: return 0 */
-        full:   (void) strncpy(buf, " ...\n", len);
+        full:   (void) strlcpy(buf, " ...\n", len);
             return 0;
         } else if (*s == '%') {     /* nonterminal */
             type = 0;
@@ -1423,7 +1423,7 @@ yy_parse::yyExpandName(int num, int isrule, char * buf, int len)
 
             if ((i = strlen(cp)) + buf > endp)
                 goto full;
-            (void) strncpy(buf, cp, len);
+            (void) strlcpy(buf, cp, len);
             buf += i;
         } else
             *buf++ = *s;