diff --git a/ChangeLog b/ChangeLog
index 1da7d4f4ad..0217b43b7d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2006-02-20  David Hampton  <hampton@employees.org>
+
+	* src/backend/file/sixtp-utils.c:
+	* src/backend/postgres/test/test-db.c:
+	* src/report/report-gnome/gnc-plugin-page-report.c:
+	* src/calculation/fin.c:
+	* src/gnome-utils/gnc-html.c:
+	* src/gnome-utils/gnc-html-graph-gog.c:
+	* lib/libgsf-1.12.3/gsf/gsf-output-stdio.c:
+	* lib/libgsf-1.12.3/gsf/gsf-utils.c:
+	* configure.in: Compile cleanly with when _FORTIFY_SOURCE is
+	defined.  This definition is forced when building RPMs on FC4.
+
 2006-02-20  Derek Atkins  <derek@ihtfp.com>
 
 	* configure.in: fix the qof configure test for OSX.
diff --git a/configure.in b/configure.in
index dcdec0dbe5..bd7f432902 100644
--- a/configure.in
+++ b/configure.in
@@ -2027,6 +2027,8 @@ then
      else if test `echo ${GCC_VERSION} | cut -d. -f1` -ge 4; then
 	# This is gcc == 4.x.x
 	warnFLAGS="${warnFLAGS} -Wdeclaration-after-statement -Wno-pointer-sign"
+	# rpmbuild on FC4 forces this flag. Can't hurt to always compile with it.
+	warnFLAGS="${warnFLAGS} -D_FORTIFY_SOURCE=2"
 	fi
      fi
   fi
diff --git a/lib/libgsf-1.12.3/gsf/gsf-output-stdio.c b/lib/libgsf-1.12.3/gsf/gsf-output-stdio.c
index 6af7023584..4b436a1a42 100644
--- a/lib/libgsf-1.12.3/gsf/gsf-output-stdio.c
+++ b/lib/libgsf-1.12.3/gsf/gsf-output-stdio.c
@@ -254,8 +254,10 @@ gsf_output_stdio_close (GsfOutput *output)
 			   stdio->st.st_uid,
 			   stdio->st.st_gid)) {
 			/* We cannot set both.  Maybe we can set one.  */
-			chown (stdio->real_filename, -1, stdio->st.st_gid);
-			chown (stdio->real_filename, stdio->st.st_uid, -1);
+			if (!chown (stdio->real_filename, -1, stdio->st.st_gid)) {
+				gint dc; /* Don't care */
+				dc = chown (stdio->real_filename, stdio->st.st_uid, -1);
+			}
 		}
 		chmod_wrapper (stdio->real_filename, stdio->st.st_mode);
 #endif
diff --git a/lib/libgsf-1.12.3/gsf/gsf-utils.c b/lib/libgsf-1.12.3/gsf/gsf-utils.c
index da23bb8438..d9a6dc732a 100644
--- a/lib/libgsf-1.12.3/gsf/gsf-utils.c
+++ b/lib/libgsf-1.12.3/gsf/gsf-utils.c
@@ -130,7 +130,7 @@ void
 gsf_input_dump (GsfInput *input, gboolean dump_as_hex)
 {
 	gsf_off_t offset = 0;
-	size_t size, count;
+	size_t size, count, count2, written;
 	guint8 const *data;
 
 	/* read in small blocks to excercise things */
@@ -143,8 +143,13 @@ gsf_input_dump (GsfInput *input, gboolean dump_as_hex)
 		g_return_if_fail (data != NULL);
 		if (dump_as_hex)
 			gsf_mem_dump_full (data, count, offset);
-		else
-			fwrite (data, 1, count, stdout);
+		else {
+			count2 = count;
+			do {
+				written = fwrite (data, 1, count2, stdout);
+				count2 -= written;
+			} while (count2 > 0);
+		}
 		size -= count;
 		offset += count;
 	}
diff --git a/src/backend/file/sixtp-utils.c b/src/backend/file/sixtp-utils.c
index 0df053be8c..0bfc57419b 100644
--- a/src/backend/file/sixtp-utils.c
+++ b/src/backend/file/sixtp-utils.c
@@ -499,7 +499,10 @@ string_to_timespec_nsecs(const gchar *str, Timespec *ts)
 
   if (!str || !ts) return FALSE;
 
-  sscanf(str, " %ld%n", &nanosecs, &charcount);
+  /* The '%n' doesn't count as a conversion. */
+  if (1 != sscanf(str, " %ld%n", &nanosecs, &charcount))
+    return FALSE;
+
   while( (*((gchar*)str + charcount)!='\0') &&
 	 isspace(*((unsigned char*)str + charcount)))
     charcount++;
diff --git a/src/backend/postgres/test/test-db.c b/src/backend/postgres/test/test-db.c
index ec612bd7e9..085ceac9ab 100644
--- a/src/backend/postgres/test/test-db.c
+++ b/src/backend/postgres/test/test-db.c
@@ -51,13 +51,11 @@ static void
 save_xml_file(QofSession * session, const char *filename_base)
 {
     QofBackendError io_err;
-    char cwd[1024];
-    char *filename;
+    gchar *cwd, *filename;
 
     g_return_if_fail(session && filename_base);
 
-    getcwd(cwd, sizeof(cwd));
-
+    cwd = g_get_current_dir();
     filename = g_strdup_printf("file:/%s/%s", cwd, filename_base);
 
     qof_session_begin(session, filename, FALSE, TRUE);
@@ -74,6 +72,7 @@ save_xml_file(QofSession * session, const char *filename_base)
     g_return_if_fail(io_err == ERR_BACKEND_NO_ERR);
 
     g_free(filename);
+    g_free(cwd);
 }
 
 static void
diff --git a/src/calculation/fin.c b/src/calculation/fin.c
index 9f148ab1d2..c10eb4ab78 100644
--- a/src/calculation/fin.c
+++ b/src/calculation/fin.c
@@ -1217,7 +1217,7 @@ rnd (double x, unsigned places)
   if (places >= 0)
   {
     sprintf (buf, "%.*f", (int) places, x);
-    sscanf (buf, "%lf", &r);
+    r = strtod(buf, NULL);
   }
   else
     r = x;
diff --git a/src/gnome-utils/gnc-html-graph-gog.c b/src/gnome-utils/gnc-html-graph-gog.c
index 889e2fafc0..35340c9ba2 100644
--- a/src/gnome-utils/gnc-html-graph-gog.c
+++ b/src/gnome-utils/gnc-html-graph-gog.c
@@ -95,8 +95,7 @@ static double *
 read_doubles(const char * string, int nvalues)
 {
   int    n;
-  int    choffset=0;
-  int    accum = 0;
+  gchar *next;
   double * retval = g_new0(double, nvalues);
 
   // guile is going to (puts ...) the elements of the double array
@@ -105,9 +104,9 @@ read_doubles(const char * string, int nvalues)
   gnc_push_locale("C");
   {
     for (n=0; n<nvalues; n++) {
-      sscanf(string + accum, "%le%n", &retval[n], &choffset);
-      accum += choffset;
-    }
+      retval[n] = strtod(string, &next);
+      string = next;
+     }
   }
   gnc_pop_locale();
 
@@ -323,7 +322,7 @@ handle_piechart(gnc_html * html, GtkHTMLEmbedded * eb, gpointer d)
                           && dataStr != NULL
                           && labelsStr != NULL
                           && colorStr != NULL, FALSE );
-    sscanf( datasizeStr, "%d", &datasize );
+    datasize = atoi( datasizeStr );
     data = read_doubles( dataStr, datasize );
     labels = read_strings( labelsStr, datasize );
     colors = read_strings( colorStr, datasize );
@@ -398,7 +397,7 @@ handle_barchart(gnc_html * html, GtkHTMLEmbedded * eb, gpointer d)
     colColorsStr = g_hash_table_lookup(eb->params, "col_colors");
     stackedStr = NULL;
     stackedStr   = g_hash_table_lookup(eb->params, "stacked");
-    sscanf( stackedStr, "%d", &stackedInt );
+    stackedInt = atoi( stackedStr );
     stacked = (gboolean)stackedInt;
 
 #if 0 // too strong at the moment.
@@ -409,8 +408,8 @@ handle_barchart(gnc_html * html, GtkHTMLEmbedded * eb, gpointer d)
                           && rowLabelsStr != NULL
                           && colColorsStr != NULL, FALSE );
 #endif // 0
-    sscanf( datarowsStr, "%d", &datarows );
-    sscanf( datacolsStr, "%d", &datacols );
+    datarows = atoi( datarowsStr );
+    datacols = atoi( datacolsStr );
     data = read_doubles( dataStr, datarows*datacols );
     row_labels = read_strings( rowLabelsStr, datarows );
     col_labels = read_strings( colLabelsStr, datacols );
@@ -500,7 +499,7 @@ handle_scatter(gnc_html * html, GtkHTMLEmbedded * eb, gpointer d)
     char *datasizeStr, *xDataStr, *yDataStr;
 
     datasizeStr = g_hash_table_lookup( eb->params, "datasize" );
-    sscanf( datasizeStr, "%d", &datasize );
+    datasize = atoi( datasizeStr );
 
     xDataStr = g_hash_table_lookup( eb->params, "x_data" );
     xData = read_doubles( xDataStr, datasize );
diff --git a/src/gnome-utils/gnc-html.c b/src/gnome-utils/gnc-html.c
index 56e7e0b90f..abdb53b124 100644
--- a/src/gnome-utils/gnc-html.c
+++ b/src/gnome-utils/gnc-html.c
@@ -1278,7 +1278,12 @@ raw_html_receiver (gpointer     engine,
                    gpointer     user_data)
 {
   FILE *fh = (FILE *) user_data;
-  fwrite (data, len, 1, fh);
+  size_t written;
+
+  do {
+    written = fwrite (data, 1, len, fh);
+    len -= written;
+  } while (len > 0);
   return TRUE;
 }
 
@@ -1528,9 +1533,11 @@ gnc_html_decode_string(const char * str)
     }
     else if(c == '%') {
       ptr++;
-      sscanf(ptr, "%02X", &hexval);
+      if (1 == sscanf(ptr, "%02X", &hexval))
+	decoded = g_string_append_c(decoded, (char)hexval);
+      else
+	decoded = g_string_append_c(decoded, ' ');
       ptr++;
-      decoded = g_string_append_c(decoded, (char)hexval);
     }
     ptr++;
   }
diff --git a/src/report/report-gnome/gnc-plugin-page-report.c b/src/report/report-gnome/gnc-plugin-page-report.c
index d30089207c..d959f8d4af 100644
--- a/src/report/report-gnome/gnc-plugin-page-report.c
+++ b/src/report/report-gnome/gnc-plugin-page-report.c
@@ -432,14 +432,14 @@ gnc_plugin_page_report_load_cb(gnc_html * html, URLType type,
             && location
             && (strlen(location) > 3)
             && !strncmp("id=", location, 3)) {
-                sscanf(location+3, "%d", &report_id);
+	        report_id = atoi(location+3);
                 DEBUG( "parsed id=%d", report_id );
         }
         else if (!safe_strcmp( type, URL_TYPE_OPTIONS)
                  && location
                  && (strlen(location) > 10)
                  && !strncmp("report-id=", location, 10)) {
-                sscanf(location+10, "%d", &report_id);
+                report_id = atoi(location+10);
                 inst_report = gnc_report_find(report_id);
                 if (inst_report != SCM_BOOL_F) {
                         gnc_plugin_page_report_add_edited_report(priv, inst_report);