--- a/xymond/xymond.c
+++ b/xymond/xymond.c
@@ -2597,7 +2597,7 @@ int get_config(char *fn, conn_t *msg)
 	strbuffer_t *inbuf, *result;
 
 	dbgprintf("-> get_config %s\n", fn);
-	sprintf(fullfn, "%s/etc/%s", xgetenv("XYMONHOME"), fn);
+	snprintf(fullfn, sizeof(fullfn), "%s/etc/%s", xgetenv("XYMONHOME"), fn);
 	fd = stackfopen(fullfn, "r", NULL);
 	if (fd == NULL) {
 		errprintf("Config file %s not found\n", fn);
@@ -2628,7 +2628,7 @@ int get_binary(char *fn, conn_t *msg)
 	long flen;
 
 	dbgprintf("-> get_binary %s\n", fn);
-	sprintf(fullfn, "%s/download/%s", xgetenv("XYMONHOME"), fn);
+	snprintf(fullfn, sizeof(fullfn), "%s/download/%s", xgetenv("XYMONHOME"), fn);
 
 	result = get_filecache(fullfn, &flen);
 	if (!result) {
@@ -3270,7 +3270,7 @@ void do_message(conn_t *msg, char *origi
 
 			gettimeofday(&tv, &tz);
 
-			sprintf(tracefn, "%s/%d_%06d_%s.trace", xgetenv("XYMONTMP"), 
+			snprintf(tracefn, sizeof(tracefn), "%s/%d_%06d_%s.trace", xgetenv("XYMONTMP"), 
 				(int) tv.tv_sec, (int) tv.tv_usec, sender);
 			fd = fopen(tracefn, "w");
 			if (fd) {
@@ -4140,7 +4140,7 @@ void do_message(conn_t *msg, char *origi
 		/* Tell them we're here */
 		char id[128];
 
-		sprintf(id, "xymond %s\n", VERSION);
+		snprintf(id, sizeof(id), "xymond %s\n", VERSION);
 		msg->doingwhat = RESPONDING;
 		xfree(msg->buf);
 		msg->bufp = msg->buf = strdup(id);
@@ -5337,7 +5337,7 @@ int main(int argc, char *argv[])
 	if (dbghost) {
 		char fname[PATH_MAX];
 
-		sprintf(fname, "%s/xymond.dbg", xgetenv("XYMONTMP"));
+		snprintf(fname, sizeof(fname), "%s/xymond.dbg", xgetenv("XYMONTMP"));
 		dbgfd = fopen(fname, "a");
 		if (dbgfd == NULL) errprintf("Cannot open debug file %s: %s\n", fname, strerror(errno));
 	}