diff --git a/internal.c b/internal.c
index a9880c334..ea9d74719 100644
--- a/internal.c
+++ b/internal.c
@@ -94,7 +94,7 @@ ethash_cache *ethash_cache_new(ethash_params const *params, ethash_h256_t const
     if (!ret) {
         return NULL;
     }
-    ret->mem = malloc(params->cache_size);
+    ret->mem = malloc((size_t)params->cache_size);
     if (!ret->mem) {
         goto fail_free_cache;
     }
@@ -386,7 +386,7 @@ ethash_full_t ethash_full_new(ethash_params const* params,
     }
     
     ret->cache = (ethash_cache*)cache;
-    ret->data = malloc(params->full_size);
+    ret->data = malloc((size_t)params->full_size);
     if (!ret->data) {
         goto fail_free_full;
     }
diff --git a/io.c b/io.c
index e98b4d550..dc72c63a6 100644
--- a/io.c
+++ b/io.c
@@ -36,7 +36,7 @@ static bool ethash_io_write_file(char const *dirname,
     if (!fullname) {
         return false;
     }
-    FILE *f = fopen(fullname, "wb");
+    FILE *f = ethash_fopen(fullname, "wb");
     if (!f) {
         goto free_name;
     }
diff --git a/io.h b/io.h
index f4f3ac0d7..1697b6872 100644
--- a/io.h
+++ b/io.h
@@ -22,6 +22,7 @@
 #include <stdlib.h>
 #include <stdint.h>
 #include <stdbool.h>
+#include <stdio.h>
 #include "ethash.h"
 
 #ifdef __cplusplus
@@ -84,6 +85,37 @@ bool ethash_io_write(char const *dirname,
                      uint8_t **data,
                      uint64_t *data_size);
 
+/**
+ * An fopen wrapper for no-warnings crossplatform fopen.
+ *
+ * Msvc compiler considers fopen to be insecure and suggests to use their
+ * alternative. This is a wrapper for this alternative. Another way is to 
+ * #define _CRT_SECURE_NO_WARNINGS, but disabling all security warnings does
+ * not sound like a good idea.
+ *
+ * @param file_name        The path to the file to open
+ * @param mode             Opening mode. Check fopen()
+ * @return                 The FILE* or NULL in failure
+ */
+FILE *ethash_fopen(const char *file_name, const char *mode);
+/**
+ * An stncat wrapper for no-warnings crossplatform strncat.
+ *
+ * Msvc compiler considers strncat to be insecure and suggests to use their
+ * alternative. This is a wrapper for this alternative. Another way is to 
+ * #define _CRT_SECURE_NO_WARNINGS, but disabling all security warnings does
+ * not sound like a good idea.
+ *
+ * @param des              Destination buffer
+ * @param dest_size        Maximum size of the destination buffer. This is the
+ *                         extra argument for the MSVC secure strncat
+ * @param src              Souce buffer
+ * @param count            Number of bytes to copy from source
+ * @return                 If all is well returns the dest buffer. If there is an
+ *                         error returns NULL
+ */
+char *ethash_strncat(char *dest, size_t dest_size, const char *src, size_t count);
+
 static inline void ethash_io_serialize_info(uint32_t revision,
                                             ethash_h256_t seed_hash,
                                             char *output)
@@ -97,15 +129,16 @@ static inline char *ethash_io_create_filename(char const *dirname,
                                               char const* filename,
                                               size_t filename_length)
 {
+    size_t dirlen = strlen(dirname);
     // in C the cast is not needed, but a C++ compiler will complain for invalid conversion
-    char *name = (char*)malloc(strlen(dirname) + filename_length);
+    char *name = (char*)malloc(dirlen + filename_length + 1);
     if (!name) {
         return NULL;
     }
 
     name[0] = '\0';
-    strcat(name, dirname);
-    strcat(name, filename);
+    ethash_strncat(name, dirlen + filename_length + 1, dirname, dirlen);
+    ethash_strncat(name, dirlen + filename_length + 1, filename, filename_length);
     return name;
 }
 
diff --git a/io_posix.c b/io_posix.c
index b356e10a6..7f3d2ec7f 100644
--- a/io_posix.c
+++ b/io_posix.c
@@ -27,6 +27,16 @@
 #include <stdio.h>
 #include <unistd.h>
 
+FILE *ethash_fopen(const char *file_name, const char *mode)
+{
+    return fopen(file_name, mode);
+}
+
+char *ethash_strncat(char *dest, size_t dest_size, const char *src, size_t count)
+{   
+    return strlen(dest) + count + 1 <= dest_size ? strncat(dest, src, count) : NULL;
+}
+
 enum ethash_io_rc ethash_io_prepare(char const *dirname, ethash_h256_t seedhash)
 {
     char read_buffer[DAG_MEMO_BYTESIZE];
@@ -45,7 +55,7 @@ enum ethash_io_rc ethash_io_prepare(char const *dirname, ethash_h256_t seedhash)
     }
 
     // try to open memo file
-    FILE *f = fopen(memofile, "rb");
+    FILE *f = ethash_fopen(memofile, "rb");
     if (!f) {
         // file does not exist, so no checking happens. All is fine.
         ret = ETHASH_IO_MEMO_MISMATCH;
diff --git a/io_win32.c b/io_win32.c
index 02a118f9c..97b81fea1 100644
--- a/io_win32.c
+++ b/io_win32.c
@@ -24,6 +24,17 @@
 #include <errno.h>
 #include <stdio.h>
 
+FILE *ethash_fopen(const char *file_name, const char *mode)
+{
+    FILE *f;
+    return fopen_s(&f, file_name, mode) == 0 ? f : NULL;
+}
+
+char *ethash_strncat(char *dest, size_t dest_size, const char *src, size_t count)
+{   
+    return strncat_s(dest, dest_size, src, count) == 0 ? dest : NULL;
+}
+
 enum ethash_io_rc ethash_io_prepare(char const *dirname, ethash_h256_t seedhash)
 {
     char read_buffer[DAG_MEMO_BYTESIZE];
@@ -42,7 +53,7 @@ enum ethash_io_rc ethash_io_prepare(char const *dirname, ethash_h256_t seedhash)
     }
 
     // try to open memo file
-    FILE *f = fopen(memofile, "rb");
+    FILE *f = ethash_fopen(memofile, "rb");
     if (!f) {
         // file does not exist, so no checking happens. All is fine.
         ret = ETHASH_IO_MEMO_MISMATCH;