--- wget-1.10.1/src/http-ntlm.c.org	2005-10-13 15:29:07 +0300
+++ wget-1.10.1/src/http-ntlm.c	2005-10-13 15:32:16 +0300
@@ -314,7 +314,7 @@
   int domoff;  /* domain name offset */
   int size;
   char *base64;
-  char ntlmbuf[256]; /* enough, unless the host/domain is very long */
+  char *ntlmbuf;
 
   /* point to the address of the pointer that holds the string to sent to the
      server, which is for a plain host or for a HTTP proxy */
@@ -334,6 +334,7 @@
   default: /* for the weird cases we (re)start here */
     hostoff = 32;
     domoff = hostoff + hostlen;
+    ntlmbuf = (char *)alloca( 32 + hostlen + domlen);
 
     DEBUGP (("Creating a type-1 NTLM message.\n"));
     
@@ -437,6 +438,8 @@
       usr = user;
     userlen = strlen(usr);
 
+    ntlmbuf = (char *)alloca( 64 + domlen + userlen);
+
     mkhash(passwd, &ntlm->nonce[0], lmresp
 #ifdef USE_NTRESPONSES
            , ntresp