diff -Nurp orig/ext/odbc/php_odbc.c new/ext/odbc/php_odbc.c
--- orig/ext/odbc/php_odbc.c	2007-02-21 08:58:37.000000000 +0100
+++ new/ext/odbc/php_odbc.c	2007-02-21 08:59:13.000000000 +0100
@@ -1991,12 +1991,12 @@ PHP_FUNCTION(odbc_result_all)
 						RETURN_FALSE;
 					}
 					if (rc == SQL_SUCCESS_WITH_INFO)
-						php_printf(buf,result->longreadlen);
+						PHPWRITE(buf, result->longreadlen);
 					else if (result->values[i].vallen == SQL_NULL_DATA) {
 						php_printf("<td>NULL</td>");
 						break;
 					} else {
-						php_printf(buf, result->values[i].vallen);
+						PHPWRITE(buf, result->values[i].vallen);
 					}
 					php_printf("</td>");
 					break;
@@ -2097,23 +2097,23 @@ int odbc_sqlconnect(odbc_connection **co
 			 if (strstr(db, "pwd") || strstr(db, "PWD")) {
 				 pwd = NULL;
 			 }
-			 strncpy( lpszConnStr, db, CONNSTRSIZE);
+			 strlcpy( lpszConnStr, db, CONNSTRSIZE);
 		 }
 		 else {
 			 strcpy(lpszConnStr, "DSN=");
-			 strcat(lpszConnStr, db);
+			 strlcat(lpszConnStr, db, CONNSTRSIZE);
 		 }
 		 if (uid) {
 			 if (uid[0]) {
-				 strcat(lpszConnStr, ";UID=");
-				 strcat(lpszConnStr, uid);
-				 strcat(lpszConnStr, ";");
+				 strlcat(lpszConnStr, ";UID=", CONNSTRSIZE);
+				 strlcat(lpszConnStr, uid, CONNSTRSIZE);
+				 strlcat(lpszConnStr, ";", CONNSTRSIZE);
 			 }
 			 if (pwd) {
 				 if (pwd[0]) {
-					 strcat(lpszConnStr, "PWD=");
-					 strcat(lpszConnStr, pwd);
-					 strcat(lpszConnStr, ";");
+					 strlcat(lpszConnStr, "PWD=", CONNSTRSIZE);
+					 strlcat(lpszConnStr, pwd, CONNSTRSIZE);
+					 strlcat(lpszConnStr, ";", CONNSTRSIZE);
 				 }
 			 }
 		 }