--- a/libpurple/plugins/tcl/tcl_ref.c	Sun Jul 17 17:17:19 2011 +0000
+++ b/libpurple/plugins/tcl/tcl_ref.c	Sun Jul 17 17:34:55 2011 +0000
@@ -92,6 +92,7 @@
 
 static void purple_tcl_ref_update(Tcl_Obj *obj)
 {
+	size_t len;
 	/* This is ugly on memory, but we pretty much have to either
 	 * do this or guesstimate lengths or introduce a varargs
 	 * function in here ... ugh. */
@@ -100,8 +101,9 @@
 				      OBJ_REF_VALUE(obj));
 
 	obj->length = strlen(bytes);
-	obj->bytes = ckalloc(obj->length + 1);
-	strcpy(obj->bytes, bytes);
+	len = obj->length + 1;
+	obj->bytes = ckalloc(len);
+	g_strlcpy(obj->bytes, bytes, len);
 	g_free(bytes);
 }
 

--- a/libpurple/plugins/tcl/tcl_signals.c	Sun Jul 17 17:17:19 2011 +0000
+++ b/libpurple/plugins/tcl/tcl_signals.c	Sun Jul 17 17:34:55 2011 +0000
@@ -259,8 +259,9 @@
 					vals[i] = ckalloc(1);
 					*(char *)vals[i] = '\0';
 				} else {
-					vals[i] = ckalloc(strlen(*strs[i]) + 1);
-					strcpy(vals[i], *strs[i]);
+					size_t len = strlen(*strs[i]) + 1;
+					vals[i] = ckalloc(len);
+					g_strlcpy(vals[i], *strs[i], len);
 				}
 				Tcl_LinkVar(handler->interp, name->str,
 					    (char *)&vals[i], TCL_LINK_STRING);