squid-1.1.alpha7 core dumps

our squid-1.1.alpha7 core dumps six times last night on an UltraSPARC
machine. adb on the core shows:

---------------------
core file=/usr/local/squid/bin/core -- prgrm ``squid'' on platform SUNW,Ultra-1
SIGABRT: Abort
$?
no process
SIGABRT: Abort
g0 0x0 l0 0x9e400 key_temp_buffer+0xfbf
g1 0x25 l1 0x9e400 key_temp_buffer+0xfbf
g2 0x6d400 tmp_line.149+0x104 l2 0x6b800
g3 0xae050 htbl+0x54 l3 0x6b800
g4 0x0 l4 0xae5b0 any_addr+0x58
g5 0x0 l5 0x9e400 key_temp_buffer+0xfbf
g6 0x0 l6 0x32094ec2
g7 0x0 l7 0xef60e2d8
o0 0x0 i0 0x0
o1 0x6 i1 0xae590 any_addr+0x38
o2 0x0 i2 0xb
o3 0x0 i3 0x0
o4 0xffffffff i4 0xeffff51c
o5 0xae6a0 any_addr+0x148 i5 0x1
sp 0xeffff440 fp 0xeffff4d0
o7 0xef5ba57c abort+0x114 i7 0x42658 death+0x78
y 0x0
tstate: 4482001a02 (ccr=0x44, asi=0x82, pstate=0x1a, cwp=0x2)
pstate: ag:0 ie:1 priv:0 am:1 pef:1 mm:0 tle:0 cle:0 mg:0 ig:0
pc 0xef5f40d8 _kill+8: bgeu _kill + 0x30
npc 0xef5f40dc _kill+0xc: mov %o7, %g1
$q
---------------------

palo5:squid-1.1.alpha7/src# grep key_temp_buffer *.c

store.c:static char key_temp_buffer[MAX_URL + 100];
store.c: key_temp_buffer[0] = '\0';
store.c: sprintf(key_temp_buffer, "%d/%s/%s",
store.c: return key_temp_buffer;
store.c: sprintf(key_temp_buffer, "/post/%s", url);
store.c: return key_temp_buffer;
store.c: sprintf(key_temp_buffer, "/put/%s", url);
store.c: return key_temp_buffer;
store.c: sprintf(key_temp_buffer, "/head/%s", url);
store.c: return key_temp_buffer;
store.c: sprintf(key_temp_buffer, "/connect/%s", url);
store.c: return key_temp_buffer;

---------------------

palo5:squid-1.1.alpha7/src# grep MAX_URL *.h

url.h:#define MAX_URL 4096
url.h: char urlpath[MAX_URL + 1];

---------------------

I gather we got a URL longer than 4196 char and it overflow the array.
What's the rational behind MAX_URL==4096 in the first place?

---
Ivan Leong  <ivanl@pacific.net.sg>     the power to move
Systems Engineer, Pacific Internet     http://ilsp.pacific.net.sg