Since the buffer always was large enough, this bug didn't have any
effect in practice.
Originally committed as revision 23447 to svn://svn.ffmpeg.org/ffmpeg/trunk
snprintf(authstr, len, "Authorization: Basic ");
ptr = authstr + strlen(authstr);
av_base64_encode(ptr, auth_b64_len, auth, strlen(auth));
- av_strlcat(ptr, "\r\n", len);
+ av_strlcat(ptr, "\r\n", len - (ptr - authstr));
} else if (state->auth_type == HTTP_AUTH_DIGEST) {
char *username = av_strdup(auth), *password;