* Refactor contest ranking logic in contestrank.xls.php
* Sanitize nicknames with additional prefix check
* Remove '../' from file names in problem import
  Sanitize file names by removing '../' to prevent directory traversal vulnerabilities.
* Add exit to restrict access to proxy.php
  Added exit statement to prevent unauthorized access.
* Update problem_import_hoj.php
* Update problem_import_hydro.php
* Update problem_import_md.php
* Update problem_import_qduoj.php
* Update problem_import_syzoj.php
* Update problem_import_tyvj.php
* Update problem_import_unkownoj.php
* Update problem_import_hoj.php
* Update my_func.inc.php
* Update problem_import.php
* Update problem_import_qduoj.php
* Update problem_import_hoj.php
* Update problem_import_qduoj.php
* Update difficulty control standards in common.php
* Update mail.php
* Fix HTML form attributes in mail.php
* Update mail.php
* Potential fix for code scanning alert no. 4: Time-of-check time-of-use filesystem race condition (#1118)
  Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 6: Incorrect return-value check for a 'scanf'-like function (#1120)
  Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Potential fix for code scanning alert no. 5: Incorrect return-value check for a 'scanf'-like function (#1119)
  Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Update date formatting in submit.php
  Replaced strftime with date for better date formatting.
* Update submit.php

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
catch up
Pull request overview
Improves the AI API cron worker execution and adjusts child-process reaping in the judge daemon.
Changes:
- Update `cron.php` to iterate over pending `openai_task_queue` items repeatedly.
- Adjust `judged.cc` process reaping behavior for the PHP cron subprocess and UDP loop path.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| trunk/web/aiapi/cron.php | Adds a do/while loop intended to keep processing queued AI tasks until none remain. |
| trunk/core/judged/judged.cc | Changes waitpid usage for the PHP cron child and removes a non-blocking reap in the UDP branch. |
Comments suppressed due to low confidence (1)
trunk/web/aiapi/cron.php:53
- This cron handler reads all pending tasks from `openai_task_queue` and echoes each AI `$response` directly to the HTTP client without any authentication or per-user access control. If `/cron.php` or `aiapi/cron.php` is reachable over the web, any caller can trigger processing and read AI explanations (which may include users’ source code and error details) for other users’ submissions, bypassing the access checks enforced in `common.php`. Restrict this script to a trusted execution context (e.g., CLI-only or behind a protected endpoint) and avoid returning raw task responses to arbitrary HTTP clients.
```php
$sql="select * from openai_task_queue where status=0 ";
$tasks=pdo_query($sql);
// Set the request headers
$headers = [
    'Authorization: Bearer '.$apiKey,
    'Content-Type: application/json'
];
$model = $models[array_rand($models)];
foreach($tasks as $task){
    $data=$task['request_body'];
    if(pdo_query("update openai_task_queue set status=1 where id=? and status=0 ",$task['id'])){
        // Initialize the cURL session
        $ch = curl_init();
        if(!isset($timeout)) $timeout=60;
        // Set the cURL options
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
        curl_setopt($ch, CURLOPT_REFERER, $OJ_NAME );
        curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
        // Execute the cURL session
        $response = curl_exec($ch);
        // Check whether an error occurred
        if (curl_errno($ch)) {
            echo 'Curl error: ' . curl_error($ch);
            exit(); // On a timeout or other error, do not store the result, so it can be retried next time.
        }
        // Release the cURL handle
        curl_close($ch);
        // Output the response
        echo ($response);
        echo "\n\n";
```
| $models=array("qwen-turbo","qwen3-coder-480b-a35b-instruct","qwen3-max","qwen3-coder-30b-a3b-instruct"); | ||
| $temperature=0.8; | ||
| $did=0; | ||
| do{ |
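Review bot: the loop's exit depends on rows leaving status=0, but the error path visible in the surrounding code contradicts its own comment: `update openai_task_queue set status=1 where id=? and status=0` claims the task before the request is sent, and the `exit()` in the `curl_errno($ch)` branch then leaves it at status=1, so the "retry next time" the comment promises never happens. Reset the row to status=0 (or move it to an explicit error status with a retry counter) before exiting, so a transient timeout does not strand the task.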
The new do/while loop will never terminate after processing at least one task because $did is initialized once before the loop and is never reset to 0 at the start of each iteration. Once $did becomes >0, the condition while($did>0) stays true even when the next select ... where status=0 returns no rows, causing an infinite/busy loop. Reset $did = 0 at the top of each loop iteration (or use a while(true) that breaks when $tasks is empty).
| do{ | |
| do{ | |
| $did=0; |
| execl("/usr/bin/php", "/usr/bin/php","cron.php", (char *) NULL); | ||
| }else{ | ||
| waitpid(-1, NULL, WNOHANG); // wait 4 one child exit | ||
| waitpid(pidApp, NULL, WNOHANG); // wait 4 one child exit |
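Review bot: `execl("/usr/bin/php", "/usr/bin/php","cron.php", (char *) NULL)` resolves `cron.php` against the daemon's current working directory, so if judged is started from another directory (or chdirs when daemonizing) the child runs whatever `cron.php` is there, or nothing at all. Pass the absolute path of trunk/web/aiapi/cron.php (or chdir to that directory in the child before the exec), and make sure the child calls `_exit(1)` if execl returns, since a failed exec otherwise leaves a second copy of the daemon loop running.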
waitpid(pidApp, ..., WNOHANG) is called immediately after fork(), so it usually returns 0 while the PHP cron is still running; when the cron later exits it can remain as a zombie unless the daemon reaps it elsewhere. Consider either (a) periodically calling waitpid(-1, ..., WNOHANG) in the main loop to reap any exited children, (b) installing a SIGCHLD handler that reaps, or (c) using a double-fork so the cron process is adopted by init/systemd.
| } | ||
| if(DEBUG) printf("udp job ... \n"); | ||
| waitpid(-1, NULL, WNOHANG); // wait 4 one child exit | ||
| if(DEBUG) printf("udp job ... \n"); |
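Review bot: the replacement line `if(DEBUG) printf("udp job ... \n");` duplicates the identical debug print on the context line directly above it, so the message is now logged twice per UDP job; if the intent was only to drop the reap, delete the `waitpid(-1, NULL, WNOHANG)` line without adding a second printf.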
This change removes the only waitpid(-1, ..., WNOHANG) call in the UDP branch. In periods where the daemon is idle and only handling UDP-triggered actions (including run_php_cron()), exited child processes may no longer be reaped, leading to zombie accumulation over time. Reintroduce a non-blocking reap here (or handle SIGCHLD globally) to ensure children are consistently collected.
| $sql="select * from openai_task_queue where status=0 "; | ||
| $tasks=pdo_query($sql); | ||
|
|
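Review bot: `select * from openai_task_queue where status=0 ` has no ORDER BY or LIMIT, so every pending row, including its full request_body, is loaded into memory on each pass of the loop. Since the surrounding loop re-selects until nothing is pending anyway, select a bounded batch (oldest first, LIMIT n) and only the columns the worker actually uses.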
The cron worker uses a plain HTTP endpoint ($url pointing to http://demo.hustoj.com/aiapi/proxy.php) for AI requests, so all queued task payloads and responses are sent over the network without transport-layer encryption. An attacker on the network path (e.g., same LAN/ISP or a compromised router) can intercept or modify these requests and responses, exposing users’ code and error details and allowing tampering with AI output before it is stored. Switch this integration to HTTPS and ensure TLS certificate verification so the connection to the AI proxy is encrypted and authenticated.