<p>In modules/exec/exec.c:</p>
<pre style='color:#555'>> +
> +                if (ferror(pin)) {
> +                        LM_ERR("writing pipe: %s\n", strerror(errno));
> +                        ser_error=E_EXEC;
> +                        goto error;
> +                }
> +                pclose(pin);
> +        }
> +
> +        schedule_to_kill(pid);
> +        wait(&exit_status);
> +
> +        if (outvar) {
> +                while (fgets(tmpbuf, MAX_LINE_SIZE, pout)) {
> +                        tmplen = strlen(tmpbuf);
> +                        memcpy(buf+buflen, tmpbuf, tmplen);
</pre>
<p>Who checks that buf doesn't overflow? And use fread instead of fgets, since you don't care about there the line feeds are.</p>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br>Reply to this email directly or <a href="https://github.com/OpenSIPS/opensips/pull/360/files#r18957149">view it on GitHub</a>.<img alt="" height="1" src="https://github.com/notifications/beacon/5479561__eyJzY29wZSI6Ik5ld3NpZXM6QmVhY29uIiwiZXhwaXJlcyI6MTcyOTA4NzkwOSwiZGF0YSI6eyJpZCI6NDU5OTk0NjB9fQ==--619b6a53163492dac96150cd2cfb093949a778fd.gif" width="1" /></p>
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"View this Pull Request on GitHub","action":{"@type":"ViewAction","url":"https://github.com/OpenSIPS/opensips/pull/360/files#r18957149","name":"View Pull Request"}}</script>