# HG changeset patch
# User rfelker
# Date 1064450164 0
# Node ID 55c9903bd51c1dffe582846f8f08e8e7da13eacd
# Parent b1c98347784199eb2d2669f6fa0fc7a1272fa58e
simple fix for buffer overflow (remotely exploitable). feel free to commit a better fix if you don't like it.
diff -r b1c983477841 -r 55c9903bd51c libmpdemux/asf_streaming.c
--- a/libmpdemux/asf_streaming.c Wed Sep 24 22:24:55 2003 +0000
+++ b/libmpdemux/asf_streaming.c Thu Sep 25 00:36:04 2003 +0000
@@ -502,11 +502,11 @@
 return NULL;
 }
 http_set_uri( http_hdr, server_url->url );
- sprintf( str, "Host: %s:%d", server_url->hostname, server_url->port );
+ sprintf( str, "Host: %.220s:%d", server_url->hostname, server_url->port );
 url_free( server_url );
 } else {
 http_set_uri( http_hdr, url->file );
- sprintf( str, "Host: %s:%d", url->hostname, url->port );
+ sprintf( str, "Host: %.220s:%d", url->hostname, url->port );
 }
 http_set_field( http_hdr, str );
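Review bot: The `%.220s` precision in both `sprintf` calls limits the hostname but leaves the write itself unbounded, and the constant 220 is only correct for one particular size of `str`, whose declaration is outside this hunk. Assuming `str` is an array in this scope, `snprintf( str, sizeof(str), "Host: %s:%d", url->hostname, url->port );` (and the same with `server_url`) ties the bound to the buffer instead of a magic number. The return value should then be checked, and a result `>= sizeof(str)` should fail the request, because a silently truncated hostname produces a Host header for a different name than the one in the URL. Any other `sprintf` into `str` in this function that formats URL-derived strings would need the same bound; the function body starts and ends outside the hunk, so that could not be verified here.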