--- src/string.c.orig	2000-03-14 03:45:05.000000000 +0100
+++ src/string.c	2004-12-23 22:43:12.000000000 +0100
@@ -29,20 +29,30 @@
 {
   int string_index = 0, sub_index, string_len;
   char sub_string[50], new_string[2048];
+  int new_len;
 
   string_len = strlen (string);
-  strcpy (new_string, "");
+  new_string[0] = 0;
+  new_len = 0;
   do
     {
       sub_index = 0;
-      strcpy (sub_string, "");
-      while ((string[string_index]) && (string[string_index] != 32))
+      while ((sub_index < sizeof(sub_string)-1) && (string[string_index]) && (string[string_index] != 32))
 	sub_string[sub_index++] = string[string_index++];
       sub_string[sub_index] = 0;
       if (!strcmp (sub_string, search_string))
-	strcpy (sub_string, replace_string);
-      strcat (new_string, sub_string);
-      strcat (new_string, " ");
+	strncpy (sub_string, replace_string, 50);
+      sub_string[49] = 0;
+      if (new_len + sub_index >= sizeof(new_string))
+        sub_index = sizeof(new_string) - new_len - 1;
+      strncpy (new_string+new_len, sub_string, sub_index);
+      new_len += sub_index;
+      if (new_len >= sizeof(new_string)-1) {
+        new_string[sizeof(new_string)-1] = 0;
+        break;
+      }
+      new_string[new_len++] = ' ';
+      new_string[new_len] = 0;
     }
   while (++string_index < string_len);