- client: ignore CUDA devices with major versions > 100

(apparently some report 9999)
- web: security changes: sanitize some params; escape some strings

svn path=/trunk/boinc/; revision=16005
David Anderson 2008-09-16 23:06:37 +00:00
parent 3be692ce7f
commit fd3dbc1058
12 changed files with 56 additions and 21 deletions


@ -7455,3 +7455,22 @@ Eric 16 Sept 2008
users with RAC less than <profile_min_credit> with only be displayed if
the viewing user is logged in.
David 16 Sept 2008
- client: ignore CUDA devices with major versions > 100
(apparently some report 9999)
- web: security changes: sanitize some params; escape some strings
html/
inc/
pm.inc
user/
language_select.php
profile_search_action.php
top_hosts.php
top_teams.php
user_search.php
lib/
coproc.C
sched/
census.C
hr_info.C


@ -1,6 +1,12 @@
<?
$project_news = array(
array("September 15, 2008",
"<a href=https://forja.unex.es/projects/ogm>OGM (Organizational Grid Manager)</a>
has been released by the University of Extremadura.
OGM is a system for grid computing
on organizational resources using BOINC."
),
array("September 4, 2008",
"The talks and tutorials from the upcoming BOINC Workshop
(Sept 10-12) will be broadcast


@ -268,7 +268,7 @@ $windowsx64 = array(
$mac = array(
"name"=>"Mac OS X",
"description"=>"Version 10.3+",
"description"=>"Version 10.3.9+",
"dbname" => "powerpc-apple-darwin",
"versions"=>array(
$m6218,


@ -17,6 +17,7 @@
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
require_once("boinc_db.inc");
require_once("sanitize_html.inc");
function pm_header() {
echo "<div>\n";
@ -129,8 +130,8 @@ function pm_web_line($notify) {
function pm_send($to_user, $subject, $content) {
global $g_logged_in_user;
$sql_subject = mysql_real_escape_string($subject);
$sql_content = mysql_real_escape_string($content);
$sql_subject = boinc_real_escape_string(strip_tags($subject));
$sql_content = boinc_real_escape_string(strip_tags($content));
$mid = BoincPrivateMessage::insert("(userid, senderid, date, subject, content) VALUES ($to_user->id, $g_logged_in_user->id, UNIX_TIMESTAMP(), '$sql_subject', '$sql_content')");
if (!$mid) {
error_page("Couldn't create message");
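Review bot: strip_tags() in pm_send alters the stored message rather than making it safe to display: text containing a literal `<` can be cut off, and it does nothing for a value that is later placed inside an HTML attribute. Escaping where the message is rendered (presumably outside this hunk), for example `htmlspecialchars($subject)`, would cover both cases and leave the stored text intact. The insert is still built by string interpolation, so `$to_user->id` and `$g_logged_in_user->id` rely on being integers; an `(int)` cast on each would make that explicit. pm_send continues past the end of the hunk.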


@ -58,8 +58,6 @@ echo "
</p>
";
start_table();
row2("Language symbol", "Language name (click to select)");
row2("",


@ -25,6 +25,8 @@ function show_profile_link2($profile, $n) {
}
$search_string = get_str('search_string');
$search_string = strip_tags($search_string);
$search_string = boinc_real_escape_string($search_string);
$offset = get_int('offset', true);
if (!$offset) $offset=0;
$count = 10;
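Review bot: After the two added lines `$search_string` holds the SQL-escaped form, so any later use of the same variable in HTML or in a URL would carry backslash-escaped text, and strip_tags() is not an output encoder. The uses of the variable are outside this hunk, so this needs confirming. Keeping the contexts apart is safer: `$sql_search = boinc_real_escape_string($search_string);` for the query, and `htmlspecialchars($search_string)` wherever the string is echoed.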


@ -44,13 +44,17 @@ function get_top_hosts($offset, $sort_by) {
function hosts_to_store($participants){
return serialize($participants);
}
function store_to_hosts($data){
return unserialize($data);
}
if (isset($_GET["sort_by"])) {
$sort_by = $_GET["sort_by"];
} else {
$sort_by = get_str("sort_by", true);
switch ($sort_by) {
case "total_credit":
case "expavg_credit":
break;
default:
$sort_by = "expavg_credit";
}
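Review bot: The `sort_by` allow-list added here is repeated verbatim in the next file section (the second `switch ($sort_by)` block), so the two lists can drift apart. A small shared helper in an include file would keep a single list. A comment such as `// sort_by is used as a column name: accept only known columns` would record why the default branch exists; the consumer of `$sort_by` is outside the hunk, so that wording is an assumption to confirm.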


@ -54,9 +54,12 @@ function store_to_teams($data){
return unserialize($data);
}
if (isset($_GET["sort_by"])) {
$sort_by = $_GET["sort_by"];
} else {
$sort_by = get_str("sort_by", true);
switch ($sort_by) {
case "total_credit":
case "expavg_credit":
break;
default:
$sort_by = "expavg_credit";
}


@ -144,8 +144,8 @@ function name_search($filter) {
if (strlen($search_string)<3) {
error_page("search string must be at least 3 characters");
}
$urls = urlencode($search_string);
$s = escape_pattern($search_string);
$s = boinc_real_escape_string($search_string);
$s = escape_pattern($s);
$fields = "id, create_time, name, country, total_credit, expavg_credit, teamid, url, has_profile";
$users = BoincUser::enum_fields($fields, "name like '$s%'", "limit $count");
$n=0;
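Review bot: The new order in name_search, `boinc_real_escape_string()` followed by `escape_pattern()`, is only safe if escape_pattern() adds backslashes solely in front of `%` and `_`; its body is not visible in this hunk. If it ever escaped backslashes or quotes itself, it would alter the quoting the first call just produced. A comment above the two lines would pin the dependency down: `// SQL-escape first; escape_pattern() may only prefix % and _ with a backslash`. name_search starts and ends outside the hunk.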


@ -154,20 +154,20 @@ const char* COPROC_CUDA::get(COPROCS& coprocs) {
}
#endif
// NOTE: our design is flawed:
// NOTE: our design is slightly flawed:
// there's no provision for having two coprocs of type CUDA.
// So on systems with two GPUs (possibly of different hardware type)
// we have to count them as two of the same
// So on systems with two GPUs (possibly of different hardware types)
// we have to count them as two of the same type.
//
(*__cudaGetDeviceCount)(&count);
int real_count = 0;
COPROC_CUDA cc, cc2;
for (int i=0; i<count; i++) {
(*__cudaGetDeviceProperties)(&cc.prop, i);
if (cc.prop.major >= 1) { // major == 0 means emulation
cc2 = cc;
real_count++;
}
if (cc.prop.major == 0) break; // major == 0 means emulation
if (cc.prop.major > 100) break; // e.g. 9999 is an error
cc2 = cc;
real_count++;
}
if (real_count) {
COPROC_CUDA* ccp = new COPROC_CUDA;
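Review bot: Both new checks in the device loop use `break`, so the first emulated or bogus device ends enumeration and any valid device at a higher index is never counted; the old code skipped such a device and kept going. The old test `major >= 1` also rejected negative values, which `major == 0` now lets through. `if (cc.prop.major <= 0) continue;  // 0 means emulation` and `if (cc.prop.major > 100) continue;  // e.g. 9999 is an error` would ignore only the bad devices. The return values of the two CUDA calls are not checked in the visible lines, and COPROC_CUDA::get extends beyond the hunk.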


@ -64,9 +64,11 @@ int main(int argc, char** argv) {
log_messages.printf(MSG_CRITICAL, "Can't open DB\n");
exit(1);
}
log_messages.printf(MSG_NORMAL, "Starting\n");
boinc_db.set_isolation_level(READ_UNCOMMITTED);
hri.init();
hri.scan_db();
hri.write_file();
hri.perf_info.write_file();
log_messages.printf(MSG_NORMAL, "Finished\n");
}


@ -60,7 +60,7 @@ int HR_INFO::read_file() {
for (i=1; i<HR_NTYPES; i++) {
char* p = fgets(buf, sizeof(buf), f);
if (!p) {
fprintf(stderr, "missing delimeter line in HR info");
fprintf(stderr, "missing delimiter line in HR info");
exit(1);
}
for (j=0; j<hr_nclasses[i]; j++) {