diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/password.c samba-2.2.8a/source/smbd/password.c
--- samba-2.2.8/source/smbd/password.c	Fri Mar 14 15:34:49 2003
+++ samba-2.2.8a/source/smbd/password.c	Sun Apr  6 20:54:00 2003
@@ -816,7 +816,7 @@
 		if (!ok && lp_username(snum)) {
 			char *auser;
 			pstring user_list;
-			StrnCpy(user_list,lp_username(snum),sizeof(pstring));
+			StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1);
 
 			pstring_sub(user_list,"%S",lp_servicename(snum));
 	  
diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/reply.c samba-2.2.8a/source/smbd/reply.c
--- samba-2.2.8/source/smbd/reply.c	Fri Mar 14 15:34:49 2003
+++ samba-2.2.8a/source/smbd/reply.c	Sun Apr  6 20:54:00 2003
@@ -1500,6 +1500,9 @@
 
         for (i=numentries;(i<maxentries) && !finished;i++)
         {
+	  /* check to make sure we have room in the buffer */
+	  if ( ((PTR_DIFF(p, outbuf))+DIR_STRUCT_SIZE) > BUFFER_SIZE )
+	  	break;
           finished = 
             !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
           if (!finished)
@@ -3528,6 +3531,9 @@
     
 
 		for (i=first;i<first+num_to_get;i++) {
+			/* check to make sure we have room in the buffer */
+			if ( (PTR_DIFF(p, outbuf)+28) > BUFFER_SIZE )
+				break;
 			put_dos_date2(p,0,queue[i].time);
 			SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
 			SSVAL(p,5, queue[i].job);
diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/statcache.c samba-2.2.8a/source/smbd/statcache.c
--- samba-2.2.8/source/smbd/statcache.c	Thu Oct 11 04:34:37 2001
+++ samba-2.2.8a/source/smbd/statcache.c	Sun Apr  6 20:54:00 2003
@@ -88,7 +88,7 @@
    * StrnCpy always null terminates.
    */
 
-  StrnCpy(orig_name, full_orig_name, namelen);
+  StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1));
   if(!case_sensitive)
     strupper( orig_name );
 
diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/trans2.c samba-2.2.8a/source/smbd/trans2.c
--- samba-2.2.8/source/smbd/trans2.c	Fri Mar 14 15:34:49 2003
+++ samba-2.2.8a/source/smbd/trans2.c	Sun Apr  6 20:54:00 2003
@@ -217,7 +217,6 @@
 	int16 open_ofun;
 	int32 open_size;
 	char *pname;
-	int16 namelen;
 
 	pstring fname;
 	mode_t unixmode;
@@ -247,9 +246,8 @@
 	open_ofun = SVAL(params,12);
 	open_size = IVAL(params,14);
 	pname = &params[28];
-	namelen = strlen(pname)+1;
 
-	StrnCpy(fname,pname,namelen);
+	pstrcpy(fname, pname);
 
 	DEBUG(3,("trans2open %s mode=%d attr=%d ofun=%d size=%d\n",
 		fname,open_mode, open_attr, open_ofun, open_size));