diff -r f8ddcb758117 xen/arch/x86/cpu/centaur.c
--- a/xen/arch/x86/cpu/centaur.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/cpu/centaur.c	Mon Jan 29 10:21:40 2007 +0100
@@ -437,7 +437,8 @@ static void __init init_centaur(struct c
 				/* Add L1 data and code cache sizes. */
 				c->x86_cache_size = (cc>>24)+(dd>>24);
 			}
-			sprintf( c->x86_model_id, "WinChip %s", name );
+			snprintf( c->x86_model_id, sizeof(c->x86_model_id),
+				"WinChip %s", name );
 			break;
 
 		case 6:
diff -r f8ddcb758117 xen/arch/x86/cpu/common.c
--- a/xen/arch/x86/cpu/common.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/cpu/common.c	Mon Jan 29 14:39:33 2007 +0100
@@ -30,9 +30,9 @@ static void default_init(struct cpuinfo_
 	if (c->cpuid_level == -1) {
 		/* No cpuid. It must be an ancient CPU */
 		if (c->x86 == 4)
-			strcpy(c->x86_model_id, "486");
+			strlcpy(c->x86_model_id, "486", sizeof(c->x86_model_id));
 		else if (c->x86 == 3)
-			strcpy(c->x86_model_id, "386");
+			strlcpy(c->x86_model_id, "386", sizeof(c->x86_model_id));
 	}
 }
 
@@ -383,11 +383,11 @@ void __devinit identify_cpu(struct cpuin
 		char *p;
 		p = table_lookup_model(c);
 		if ( p )
-			strcpy(c->x86_model_id, p);
+			strlcpy(c->x86_model_id, p, sizeof(c->x86_model_id));
 		else
 			/* Last resort... */
-			sprintf(c->x86_model_id, "%02x/%02x",
-				c->x86_vendor, c->x86_model);
+			snprintf(c->x86_model_id, sizeof(c->x86_model_id),
+				"%02x/%02x", c->x86_vendor, c->x86_model);
 	}
 
 	/* Now the feature flags better reflect actual CPU features! */
diff -r f8ddcb758117 xen/arch/x86/cpu/cyrix.c
--- a/xen/arch/x86/cpu/cyrix.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/cpu/cyrix.c	Mon Jan 29 14:39:59 2007 +0100
@@ -302,7 +302,7 @@ static void __init init_cyrix(struct cpu
 		dir0_msn = 7;
 		break;
 	}
-	strcpy(buf, Cx86_model[dir0_msn & 7]);
+	strlcpy(buf, Cx86_model[dir0_msn & 7], sizeof(c->x86_model_id));
 	if (p) strcat(buf, p);
 	return;
 }
@@ -339,7 +339,7 @@ static void cyrix_identify(struct cpuinf
 	if ( c->x86 == 4 && test_cyrix_52div() ) {
 		unsigned char dir0, dir1;
 		
-		strcpy(c->x86_vendor_id, "CyrixInstead");
+		strlcpy(c->x86_vendor_id, "CyrixInstead", sizeof(c->x86_vendor_id));
 	        c->x86_vendor = X86_VENDOR_CYRIX;
 	        
 	        /* Actually enable cpuid on the older cyrix */
diff -r f8ddcb758117 xen/arch/x86/cpu/intel.c
--- a/xen/arch/x86/cpu/intel.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/cpu/intel.c	Mon Jan 29 14:20:56 2007 +0100
@@ -152,7 +152,7 @@ static void __devinit init_intel(struct 
 	}
 
 	if ( p )
-		strcpy(c->x86_model_id, p);
+		strlcpy(c->x86_model_id, p, sizeof(c->x86_model_id));
 	
 	c->x86_max_cores = num_cpu_cores(c);
 
diff -r f8ddcb758117 xen/arch/x86/dmi_scan.c
--- a/xen/arch/x86/dmi_scan.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/dmi_scan.c	Mon Jan 29 14:31:49 2007 +0100
@@ -159,7 +159,7 @@ static void __init dmi_save_ident(struct
 		return;
 	dmi_ident[slot] = alloc_bootmem(strlen(p)+1);
 	if(dmi_ident[slot])
-		strcpy(dmi_ident[slot], p);
+		strlcpy(dmi_ident[slot], p, sizeof(dmi_ident[slot]));
 	else
 		printk(KERN_ERR "dmi_save_ident: out of memory.\n");
 }
diff -r f8ddcb758117 xen/arch/x86/domain_build.c
--- a/xen/arch/x86/domain_build.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/domain_build.c	Mon Jan 29 10:36:30 2007 +0100
@@ -821,7 +821,7 @@ int construct_dom0(struct domain *d,
     si->pt_base      = vpt_start + 2 * PAGE_SIZE * !!IS_COMPAT(d);
     si->nr_pt_frames = nr_pt_pages;
     si->mfn_list     = vphysmap_start;
-    sprintf(si->magic, "xen-%i.%i-x86_%d%s",
+    snprintf(si->magic, sizeof(si->magic), "xen-%i.%i-x86_%d%s",
             xen_major_version(), xen_minor_version(),
             elf_64bit(&elf) ? 64 : 32,
             parms.pae ? "p" : "");
@@ -871,7 +871,7 @@ int construct_dom0(struct domain *d,
 
     memset(si->cmd_line, 0, sizeof(si->cmd_line));
     if ( cmdline != NULL )
-        strncpy((char *)si->cmd_line, cmdline, sizeof(si->cmd_line)-1);
+        strlcpy((char *)si->cmd_line, cmdline, sizeof(si->cmd_line));
 
     if ( fill_console_start_info((void *)(si + 1)) )
     {
diff -r f8ddcb758117 xen/arch/x86/hvm/intercept.c
--- a/xen/arch/x86/hvm/intercept.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/hvm/intercept.c	Mon Jan 29 10:13:16 2007 +0100
@@ -173,7 +173,7 @@ int hvm_register_savevm(struct domain *d
         return -1;
     }
 
-    strncpy(se->idstr, idstr, HVM_SE_IDSTR_LEN);
+    strlcpy(se->idstr, idstr, HVM_SE_IDSTR_LEN);
 
     se->instance_id = instance_id;
     se->version_id = version_id;
diff -r f8ddcb758117 xen/arch/x86/oprofile/nmi_int.c
--- a/xen/arch/x86/oprofile/nmi_int.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/oprofile/nmi_int.c	Mon Jan 29 10:50:02 2007 +0100
@@ -22,6 +22,7 @@
 #include <asm/regs.h>
 #include <asm/current.h>
 #include <xen/delay.h>
+#include <xen/string.h>
  
 #include "op_counter.h"
 #include "op_x86_model.h"
@@ -39,7 +40,6 @@ extern int active_id(struct domain *d);
 extern int active_id(struct domain *d);
 extern int is_profiled(struct domain *d);
 
-extern size_t strlcpy(char *dest, const char *src, size_t size);
 
 
 static int nmi_callback(struct cpu_user_regs *regs, int cpu)
@@ -276,20 +276,20 @@ static int __init p4_init(char * cpu_typ
 	}
 
 #ifndef CONFIG_SMP
-	strncpy (cpu_type, "i386/p4", XENOPROF_CPU_TYPE_SIZE - 1);
+	strlcpy (cpu_type, "i386/p4", XENOPROF_CPU_TYPE_SIZE);
 	model = &op_p4_spec;
 	return 1;
 #else
 	switch (smp_num_siblings) {
 		case 1:
-			strncpy (cpu_type, "i386/p4", 
-				 XENOPROF_CPU_TYPE_SIZE - 1);
+			strlcpy (cpu_type, "i386/p4", 
+				 XENOPROF_CPU_TYPE_SIZE);
 			model = &op_p4_spec;
 			return 1;
 
 		case 2:
-			strncpy (cpu_type, "i386/p4-ht", 
-				 XENOPROF_CPU_TYPE_SIZE - 1);
+			strlcpy (cpu_type, "i386/p4-ht", 
+				 XENOPROF_CPU_TYPE_SIZE);
 			model = &op_p4_ht2_spec;
 			return 1;
 	}
@@ -311,17 +311,17 @@ static int __init ppro_init(char *cpu_ty
 		return 0;
 	}
 	else if (cpu_model == 15)
-		strncpy (cpu_type, "i386/core_2", XENOPROF_CPU_TYPE_SIZE - 1);
+		strlcpy (cpu_type, "i386/core_2", XENOPROF_CPU_TYPE_SIZE);
 	else if (cpu_model == 14)
-		strncpy (cpu_type, "i386/core", XENOPROF_CPU_TYPE_SIZE - 1);
+		strlcpy (cpu_type, "i386/core", XENOPROF_CPU_TYPE_SIZE);
 	else if (cpu_model == 9)
-		strncpy (cpu_type, "i386/p6_mobile", XENOPROF_CPU_TYPE_SIZE - 1);
+		strlcpy (cpu_type, "i386/p6_mobile", XENOPROF_CPU_TYPE_SIZE);
 	else if (cpu_model > 5)
-		strncpy (cpu_type, "i386/piii", XENOPROF_CPU_TYPE_SIZE - 1);
+		strlcpy (cpu_type, "i386/piii", XENOPROF_CPU_TYPE_SIZE);
 	else if (cpu_model > 2)
-		strncpy (cpu_type, "i386/pii", XENOPROF_CPU_TYPE_SIZE - 1);
+		strlcpy (cpu_type, "i386/pii", XENOPROF_CPU_TYPE_SIZE);
 	else
-		strncpy (cpu_type, "i386/ppro", XENOPROF_CPU_TYPE_SIZE - 1);
+		strlcpy (cpu_type, "i386/ppro", XENOPROF_CPU_TYPE_SIZE);
 
 	model = &op_ppro_spec;
 	return 1;
@@ -346,9 +346,6 @@ int nmi_init(int *num_events, int *is_pr
 		}
 	}
  
-	/* Make sure string is NULL terminated */
-	cpu_type[XENOPROF_CPU_TYPE_SIZE - 1] = 0;
-
 	switch (vendor) {
 		case X86_VENDOR_AMD:
 			/* Needs to be at least an Athlon (or hammer in 32bit mode) */
@@ -361,15 +358,15 @@ int nmi_init(int *num_events, int *is_pr
 				return -ENODEV;
 			case 6:
 				model = &op_athlon_spec;
-				strncpy (cpu_type, "i386/athlon", 
-					 XENOPROF_CPU_TYPE_SIZE - 1);
+				strlcpy (cpu_type, "i386/athlon", 
+					 XENOPROF_CPU_TYPE_SIZE);
 				break;
 			case 0xf:
 				model = &op_athlon_spec;
 				/* Actually it could be i386/hammer too, but give
 				   user space an consistent name. */
-				strncpy (cpu_type, "x86-64/hammer", 
-					 XENOPROF_CPU_TYPE_SIZE - 1);
+				strlcpy (cpu_type, "x86-64/hammer", 
+					 XENOPROF_CPU_TYPE_SIZE);
 				break;
 			}
 			break;
diff -r f8ddcb758117 xen/arch/x86/setup.c
--- a/xen/arch/x86/setup.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/setup.c	Mon Jan 29 14:30:28 2007 +0100
@@ -111,8 +111,7 @@ static void parse_acpi_param(char *s)
 static void parse_acpi_param(char *s)
 {
     /* Save the parameter so it can be propagated to domain0. */
-    strncpy(acpi_param, s, sizeof(acpi_param));
-    acpi_param[sizeof(acpi_param)-1] = '\0';
+    strlcpy(acpi_param, s, sizeof(acpi_param));
 
     /* Interpret the parameter for use within Xen. */
     if ( !strcmp(s, "off") )
@@ -749,7 +748,7 @@ void __init __start_xen(multiboot_info_t
         if ( (cmdline = strchr(cmdline, ' ')) != NULL )
         {
             while ( *cmdline == ' ' ) cmdline++;
-            strcpy(dom0_cmdline, cmdline);
+            strlcpy(dom0_cmdline, cmdline, sizeof(dom0_cmdline));
         }
 
         cmdline = dom0_cmdline;
@@ -804,35 +803,57 @@ void arch_get_xen_caps(xen_capabilities_
 void arch_get_xen_caps(xen_capabilities_info_t info)
 {
     char *p = info;
+    int i = 0;
     int major = xen_major_version();
     int minor = xen_minor_version();
 
 #if defined(CONFIG_X86_32) && !defined(CONFIG_X86_PAE)
 
-    p += sprintf(p, "xen-%d.%d-x86_32 ", major, minor);
+    i = snprintf(p, sizeof(xen_capabilities_info_t),
+                 "xen-%d.%d-x86_32 ", major, minor);
+    p += i;
+    if ( hvm_enabled ) {
+        i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+		"hvm-%d.%d-x86_32 ", major, minor);
+	p += i;
+    }
+
+#elif defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
+
+    i = snprintf(p, sizeof(xen_capabilities_info_t),
+                 "xen-%d.%d-x86_32p ", major, minor);
+    p += i;
     if ( hvm_enabled )
-        p += sprintf(p, "hvm-%d.%d-x86_32 ", major, minor);
-
-#elif defined(CONFIG_X86_32) && defined(CONFIG_X86_PAE)
-
-    p += sprintf(p, "xen-%d.%d-x86_32p ", major, minor);
+    {
+        i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+                     "hvm-%d.%d-x86_32 ", major, minor);
+        p += i;
+        i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+                     "hvm-%d.%d-x86_32p ", major, minor);
+        p += i;
+    }
+
+#elif defined(CONFIG_X86_64)
+
+    i = snprintf(p, sizeof(xen_capabilities_info_t),
+                 "xen-%d.%d-x86_64 ", major, minor);
+    p += i;
+#ifdef CONFIG_COMPAT
+    i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+                "xen-%d.%d-x86_32p ", major, minor);
+    p += i;
+#endif
     if ( hvm_enabled )
     {
-        p += sprintf(p, "hvm-%d.%d-x86_32 ", major, minor);
-        p += sprintf(p, "hvm-%d.%d-x86_32p ", major, minor);
-    }
-
-#elif defined(CONFIG_X86_64)
-
-    p += sprintf(p, "xen-%d.%d-x86_64 ", major, minor);
-#ifdef CONFIG_COMPAT
-    p += sprintf(p, "xen-%d.%d-x86_32p ", major, minor);
-#endif
-    if ( hvm_enabled )
-    {
-        p += sprintf(p, "hvm-%d.%d-x86_32 ", major, minor);
-        p += sprintf(p, "hvm-%d.%d-x86_32p ", major, minor);
-        p += sprintf(p, "hvm-%d.%d-x86_64 ", major, minor);
+        i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+                     "hvm-%d.%d-x86_32 ", major, minor);
+        p += i;
+        i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+                     "hvm-%d.%d-x86_32p ", major, minor);
+        p += i;
+        i = snprintf(p, sizeof(xen_capabilities_info_t) - i,
+                     "hvm-%d.%d-x86_64 ", major, minor);
+        p += i;
     }
 
 #else
diff -r f8ddcb758117 xen/arch/x86/time.c
--- a/xen/arch/x86/time.c	Sun Jan 28 19:02:00 2007 +0000
+++ b/xen/arch/x86/time.c	Mon Jan 29 10:36:50 2007 +0100
@@ -274,7 +274,7 @@ static char *freq_string(u64 freq)
     unsigned int x, y;
     y = (unsigned int)do_div(freq, 1000000) / 1000;
     x = (unsigned int)freq;
-    sprintf(s, "%u.%03uMHz", x, y);
+    snprintf(s, sizeof(s), "%u.%03uMHz", x, y);
     return s;
 }