<p>In modules/exec/exec.c:</p>
<pre style='color:#555'>&gt; +
&gt; +                if (ferror(pin)) {
&gt; +                        LM_ERR(&quot;writing pipe: %s\n&quot;, strerror(errno));
&gt; +                        ser_error=E_EXEC;
&gt; +                        goto error;
&gt; +                }
&gt; +                pclose(pin);
&gt; +        }
&gt; +
&gt; +        schedule_to_kill(pid);
&gt; +        wait(&amp;exit_status);
&gt; +
&gt; +        if (outvar) {
&gt; +                while (fgets(tmpbuf, MAX_LINE_SIZE, pout)) {
&gt; +                        tmplen = strlen(tmpbuf);
&gt; +                        memcpy(buf+buflen, tmpbuf, tmplen);
</pre>
<p>Who checks that buf doesn't overflow? And use fread instead of fgets, since you don't care about there the line feeds are.</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">&mdash;<br>Reply to this email directly or <a href="https://github.com/OpenSIPS/opensips/pull/360/files#r18957149">view it on GitHub</a>.<img alt="" height="1" src="https://github.com/notifications/beacon/5479561__eyJzY29wZSI6Ik5ld3NpZXM6QmVhY29uIiwiZXhwaXJlcyI6MTcyOTA4NzkwOSwiZGF0YSI6eyJpZCI6NDU5OTk0NjB9fQ==--619b6a53163492dac96150cd2cfb093949a778fd.gif" width="1" /></p>
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"View this Pull Request on GitHub","action":{"@type":"ViewAction","url":"https://github.com/OpenSIPS/opensips/pull/360/files#r18957149","name":"View Pull Request"}}</script>