@@ -1577,6 +1577,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

     if(strchr(hexsig, '(')) {

 	    char *hexnew, *start, *h, *c;

+        size_t hexnewsz;

 	if(hex) {

 	    hexcpy = hex;

@@ -1585,7 +1586,8 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

 	    return CL_EMEM;

 	}

-	if(!(hexnew = (char *) cli_calloc(strlen(hexsig) + 1, 1))) {

+    hexnewsz = strlen(hexsig) + 1;

+	if(!(hexnew = (char *) cli_calloc(1, hexnewsz))) {

 	    free(new);

 	    free(hexcpy);

 	    return CL_EMEM;

@@ -1611,7 +1613,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

 		    pt[-2] = 0;

 		}

 	    }

-	    strcat(hexnew, start);

+	    cli_strlcat(hexnew, start, hexnewsz);

 	    if(!(start = strchr(pt, ')'))) {

 		mpool_free(root->mempool, newspecial);

@@ -1654,7 +1656,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

 		    continue;

 		}

 	    }

-	    strcat(hexnew, "()");

+	    cli_strlcat(hexnew, "()", hexnewsz);

 	    new->special++;

 	    newtable = (struct cli_ac_special **) mpool_realloc(root->mempool, new->special_table, new->special * sizeof(struct cli_ac_special *));

 	    if(!newtable) {

@@ -1746,7 +1748,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

 	}

 	if(start)

-	    strcat(hexnew, start);

+	    cli_strlcat(hexnew, start, hexnewsz);

 	hex = hexnew;

 	free(hexcpy);

@@ -697,12 +697,12 @@ parseEmailFile(fmap_t *map, size_t *at, const table_t *rfc821, const char *first

 						break;

 					}

 				} else if(line != NULL) {

-					fulllinelength += strlen(line);

+					fulllinelength += strlen(line) + 1;

 					ptr = cli_realloc(fullline, fulllinelength);

 					if(ptr == NULL)

 						continue;

 					fullline = ptr;

-					strcat(fullline, line);

+					cli_strlcat(fullline, line, fulllinelength);

 				}

 				assert(fullline != NULL);

@@ -902,12 +902,12 @@ parseEmailHeaders(message *m, const table_t *rfc821)

 					fullline = cli_strdup(line);

 					fulllinelength = strlen(line) + 1;

 				} else if(line) {

-					fulllinelength += strlen(line);

+					fulllinelength += strlen(line) + 1;

 					ptr = cli_realloc(fullline, fulllinelength);

 					if(ptr == NULL)

 						continue;

 					fullline = ptr;

-					strcat(fullline, line);

+					cli_strlcat(fullline, line, fulllinelength);

 				}

 				assert(fullline != NULL);

@@ -1456,6 +1456,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re

 						 */

 						while(t_line && next_is_folded_header(t_line)) {

 							const char *data;

+                            size_t datasz;

 							t_line = t_line->t_next;

@@ -1474,14 +1475,14 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re

 								break;

 							}

-							ptr = cli_realloc(fullline,

-								strlen(fullline) + strlen(data) + 1);

+                            datasz = strlen(fullline) + strlen(data) + 1;

+							ptr = cli_realloc(fullline, datasz);

 							if(ptr == NULL)

 								break;

 							fullline = ptr;

-							strcat(fullline, data);

+							cli_strlcat(fullline, data, datasz);

 							/*quotes = count_quotes(data);*/

 						}

@@ -480,6 +480,7 @@ messageAddArguments(message *m, const char *s)

 	while(*string) {

 		const char *key, *cptr;

 		char *data, *field;

+        size_t datasz=0;

 		if(isspace(*string & 0xff) || (*string == ';')) {

 			string++;

@@ -592,12 +593,14 @@ messageAddArguments(message *m, const char *s)

 			*ptr = '\0';

+            datasz = strlen(kcopy) + strlen(data) + 2;

 			field = cli_realloc(kcopy, strlen(kcopy) + strlen(data) + 2);

 			if(field) {

-				strcat(field, "=");

-				strcat(field, data);

-			} else

+                cli_strlcat(field, "=", datasz);

+                cli_strlcat(field, data, datasz);

+			} else {

 				free(kcopy);

+            }

 			free(data);

 		} else {

 			size_t len;

@@ -117,7 +117,7 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex

 	int ret, asterisk = 0, range;

 	unsigned int i, j, hexlen, parts = 0;

 	int mindist = 0, maxdist = 0, error = 0;

-

+    size_t hexcpysz;

     hexlen = strlen(hexsig);

     if (hexsig[0] == '$') {

@@ -165,18 +165,19 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex

     }

     if((wild = strchr(hexsig, '{'))) {

 	if(sscanf(wild, "%c%u%c", &l, &range, &r) == 3 && l == '{' && r == '}' && range > 0 && range < 128) {

-	    hexcpy = cli_calloc(hexlen + 2 * range, sizeof(char));

+        hexcpysz = hexlen + 2 * range;

+	    hexcpy = cli_calloc(1, hexcpysz);

 	    if(!hexcpy)

 		return CL_EMEM;

 	    strncpy(hexcpy, hexsig, wild - hexsig);

 	    for(i = 0; i < (unsigned int) range; i++)

-		strcat(hexcpy, "??");

+		cli_strlcat(hexcpy, "??", hexcpysz);

 	    if(!(wild = strchr(wild, '}'))) {

 		cli_errmsg("cli_parse_add(): Problem adding signature: missing bracket\n");

 		free(hexcpy);

 		return CL_EMALFDB;

 	    }

-	    strcat(hexcpy, ++wild);

+	    cli_strlcat(hexcpy, ++wild, hexcpysz);

 	    ret = cli_parse_add(root, virname, hexcpy, rtype, type, offset, target, lsigid, options);

 	    free(hexcpy);

 	    return ret;