wget [REDACTED]: stack buffer overflow via strcpy/date parsing

In wget's [REDACTED] VMS/FTP listing parser, date_str is a fixed 32-byte stack buffer but is populated using strcpy(date_str, tok) where tok comes from parsing remote directory listing lines. The code only checks strlen(tok) < 12, but uses strcat(date_str, " ") afterward, and in other branches can lead to off-by-one/insufficient bounds. Remote-controlled listing data can overflow date_str leading to memory corruption.