diff --git a/tee-supplicant/src/tee_supp_fs.c b/tee-supplicant/src/tee_supp_fs.c
index cc4120fd..7e49bfc5 100644
--- a/tee-supplicant/src/tee_supp_fs.c
+++ b/tee-supplicant/src/tee_supp_fs.c
@@ -119,7 +119,7 @@ static int do_mkdir(const char *path, mode_t mode)
 static int mkpath(const char *path, mode_t mode)
 {
 int status = 0;
- char *subpath = strdup(path);
+ char *subpath = strndup(path, PATH_MAX);
 char *prev = subpath;
 char *curr = NULL;
diff --git a/tee-supplicant/src/tee_supplicant.c b/tee-supplicant/src/tee_supplicant.c
index 4fc247c4..803754d7 100644
--- a/tee-supplicant/src/tee_supplicant.c
+++ b/tee-supplicant/src/tee_supplicant.c
@@ -706,11 +706,12 @@ static void set_ta_path(void)
 char *new_path = NULL;
 size_t n = 0;
 const char *path = supplicant_params.ta_load_path;
+ int path_len = -1;
 if (!path)
 path = TEEC_LOAD_PATH;
- ta_path_str = strdup(path);
+ ta_path_str = strndup(path, PATH_MAX);
 if (!ta_path_str)
 goto err;
@@ -726,18 +727,21 @@ static void set_ta_path(void)
 goto err;
 n = 0;
- strcpy(ta_path_str, path);
+ strncpy(ta_path_str, path, PATH_MAX);
 p = ta_path_str;
 while ((new_path = strtok_r(p, ":", &saveptr))) {
 if (!supplicant_params.ta_load_path) {
 char full_path[PATH_MAX] = { 0 };
- snprintf(full_path, PATH_MAX, "%s/%s", new_path,
- supplicant_params.ta_dir);
- ta_path[n++] = strdup(full_path);
+ path_len = snprintf(full_path, PATH_MAX, "%s/%s", new_path,
+ supplicant_params.ta_dir);
+ if (path_len < 0 || path_len >= PATH_MAX)
+ goto err_path;
+
+ ta_path[n++] = strndup(full_path, PATH_MAX);
 } else {
- ta_path[n++] = strdup(new_path);
+ ta_path[n++] = strndup(new_path, PATH_MAX);
 }
 p = NULL;
@@ -749,6 +753,10 @@ static void set_ta_path(void)
 err:
 EMSG("out of memory");
 exit(EXIT_FAILURE);
+
+err_path:
+ EMSG("Path exceeds maximum path length");
+ exit(EXIT_FAILURE);
 }
 /*
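Review bot: `strndup(path, PATH_MAX)` in mkpath silently truncates an over-long path instead of rejecting it, so the function would go on to create a directory tree the caller never asked for. An explicit check before the copy keeps the failure visible, e.g. `if (strnlen(path, PATH_MAX) == PATH_MAX) return -1;`, using whatever error value mkpath's callers expect. The same silent truncation applies to `ta_path_str = strndup(path, PATH_MAX)` in set_ta_path in tee_supplicant.c, where `path` is a colon-separated list and the cut can land in the middle of an entry; there `goto err_path` is the natural rejection. mkpath's body continues past the hunk, so whether `subpath` is checked for NULL is not visible here.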
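Review bot: `strncpy(ta_path_str, path, PATH_MAX)` always writes PATH_MAX bytes, zero-padding when `path` is shorter, but the buffer returned by `strndup(path, PATH_MAX)` in the previous hunk holds only `strlen(path) + 1` bytes for a short path. This looks like a heap overflow in the common case, assuming `ta_path_str` is not reallocated in the lines between the two hunks, which are not shown. Bound the copy by the allocation instead: record `size_t sz = strnlen(path, PATH_MAX) + 1;` next to the strndup and use `snprintf(ta_path_str, sz, "%s", path);` here. Separately, the `strndup` results stored into `ta_path[n++]` are not checked for NULL within this hunk; set_ta_path starts and ends outside it.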