diff --git mtr/curses.c mtr/curses.c
index 880d85f..de34113 100644
--- mtr/curses.c
+++ mtr/curses.c
@@ -328,12 +328,15 @@ void mtr_curses_hosts(int startstat)
 
 	/* temporay hack for stats usec to ms... */
 	if( index( data_fields[j].format, 'f' ) ) {
-	  sprintf(buf + hd_len, data_fields[j].format,
+	  snprintf(buf + hd_len, sizeof(buf) - hd_len, data_fields[j].format,
 		data_fields[j].net_xxx(at) /1000.0 );
 	} else {
-	  sprintf(buf + hd_len, data_fields[j].format,
+	  snprintf(buf + hd_len, sizeof(buf) - hd_len, data_fields[j].format,
 		data_fields[j].net_xxx(at) );
 	}
+
+	if(hd_len + data_fields[j].length > sizeof(buf)) break;
+
 	hd_len +=  data_fields[j].length;
       }
       buf[hd_len] = 0;
@@ -537,7 +540,10 @@ void mtr_curses_redraw(void)
 	if (j < 0) continue;
 
 	sprintf( fmt, "%%%ds", data_fields[j].length );
-        sprintf( buf + hd_len, fmt, data_fields[j].title );
+        snprintf( buf + hd_len, sizeof(buf) - hd_len, fmt, data_fields[j].title );
+
+	if(hd_len + data_fields[j].length > sizeof(buf)) break;
+
 	hd_len +=  data_fields[j].length;
     }
     attron(A_BOLD);
diff --git mtr/gtk.c mtr/gtk.c
index 9f893bd..fce9f84 100644
--- mtr/gtk.c
+++ mtr/gtk.c
@@ -463,7 +463,8 @@ void update_tree_row(int row, GtkTreeIter *iter)
   if ( addrcmp( (void *) addr, (void *) &unspec_addr, af ) != 0 ) {
     name = dns_lookup(addr);
     if(!name) {
-      sprintf(str, "%s", strlongip( addr ));
+      strncpy(str, strlongip( addr ), sizeof(str) - 1);
+      name[ (sizeof str) - 1 ] = '\0'; 
       name = str;
     }
   }
diff --git mtr/report.c mtr/report.c
index 34ea114..4ecc1e1 100644
--- mtr/report.c
+++ mtr/report.c
@@ -76,7 +76,8 @@ void report_close(void)
           strncpy( name, host->h_name, (sizeof name) - 1 );
           name[ (sizeof name) - 1 ] = '\0'; 
         } else {
-          snprintf(name, sizeof(name), "%s", strlongip( addr ) );
+          strncpy(name, strlongip( addr ), sizeof(name) - 1 );
+          name[ (sizeof name) - 1 ] = '\0'; 
         }
         if (len_hosts < strlen(name)) {
           len_hosts = strlen(name);
@@ -93,7 +94,10 @@ void report_close(void)
     if (j < 0) continue;
 
     snprintf( fmt, sizeof(fmt), "%%%ds", data_fields[j].length );
-    snprintf( buf + len, sizeof(buf), fmt, data_fields[j].title );
+    snprintf( buf + len, sizeof(buf) - len, fmt, data_fields[j].title );
+
+    if(len + data_fields[j].length > sizeof(buf)) break;
+
     len +=  data_fields[j].length;
   }
   printf("%s\n",buf);
@@ -103,7 +107,7 @@ void report_close(void)
   for(; at < max; at++) {
     addr = net_addr(at);
     if( addrcmp( (void *) addr, (void *) &unspec_addr, af ) == 0 ) {
-      sprintf(name, "???");
+      strcpy(name, "???");
     } else {
       host = dns ? addr2host( (void *) addr, af ) : NULL;
 
@@ -111,7 +115,8 @@ void report_close(void)
         strncpy( name, host->h_name, (sizeof name) - 1 );
         name[ (sizeof name) - 1 ] = '\0'; 
       } else {
-        snprintf(name, sizeof(name), "%s", strlongip( addr ) );
+        strncpy(name, strlongip( addr ), sizeof(name) );
+        name[ (sizeof name) - 1 ] = '\0'; 
       }
     }
 
@@ -124,12 +129,15 @@ void report_close(void)
 
       /* 1000.0 is a temporay hack for stats usec to ms, impacted net_loss. */
       if( index( data_fields[j].format, 'f' ) ) {
-        snprintf( buf + len, sizeof(buf), data_fields[j].format,
+        snprintf( buf + len, sizeof(buf) - len, data_fields[j].format,
 		data_fields[j].net_xxx(at) /1000.0 );
       } else {
-        snprintf( buf + len, sizeof(buf), data_fields[j].format,
+        snprintf( buf + len, sizeof(buf) - len, data_fields[j].format,
 		data_fields[j].net_xxx(at) );
       }
+
+      if(len + data_fields[j].length > sizeof(buf)) break;
+
       len +=  data_fields[j].length;
     }
     printf("%s\n",buf);
@@ -205,7 +213,7 @@ void xml_close(void)
     addr = net_addr(at);
     
     if( addrcmp( (void *) addr, (void *) &unspec_addr, af ) == 0 ) {
-      sprintf(name, "???");
+      strcpy(name, "???");
     } else {
       host = dns ? addr2host( (void *) addr, af ) : NULL;
 
@@ -213,7 +221,8 @@ void xml_close(void)
 	 strncpy( name, host->h_name, (sizeof name) - 1 );
 	 name[ (sizeof name) - 1 ] = '\0'; 
       } else {
-	sprintf(name, "%s", strlongip( addr ) );
+	 strncpy(name, strlongip( addr ), sizeof(name) - 1 );
+	 name[ (sizeof name) - 1 ] = '\0'; 
       }
     }
 
@@ -287,7 +296,7 @@ void csv_close(void)
     addr = net_addr(at);
     
     if( addrcmp( (void *) addr, (void *) &unspec_addr, af ) == 0 ) {
-      sprintf(name, "???");
+      strcpy(name, "???");
     } else {
       host = dns ? addr2host( (void *) addr, af ) : NULL;
 
@@ -295,7 +304,8 @@ void csv_close(void)
 	 strncpy( name, host->h_name, (sizeof name) - 1 );
 	 name[ (sizeof name) - 1 ] = '\0'; 
       } else {
-	sprintf(name, "%s", strlongip( addr ) );
+	 strncpy(name, strlongip( addr ), sizeof(name) - 1 );
+	 name[ (sizeof name) - 1 ] = '\0'; 
       }
     }