src/hg/hgc/retroClick.c 8b7527b0c18aa492ee035bd2e906d1d6ec166343

8b7527b0c18aa492ee035bd2e906d1d6ec166343
baertsch
  Fri Jun 24 19:03:30 2011 -0700
remove itemAdd hardcoding and fix buffer overflow
diff --git src/hg/hgc/retroClick.c src/hg/hgc/retroClick.c
index 07a9c56..8459396 100644
--- src/hg/hgc/retroClick.c
+++ src/hg/hgc/retroClick.c
@@ -16,31 +16,31 @@
 #include "ucscRetroInfo.h"
 #include "ucscRetroOrtho.h"
 #include "genbank.h"
 #include "hui.h"
 /* combine blocks separated by gaps less than this number */
 #define MAXBLOCKGAP 50
 
 /* space to allocate for a id */
 #define ID_BUFSZ 64
 
 struct mappingInfo
 /* various pieces of information about mapping from table name and 
  * retroXxxInfo table */
 {
     char tblPre[64];           /* table prefix */
-    char geneSet[6];           /* source gene set abbrv used in table name */
+    char geneSet[12];           /* source gene set abbrv used in table name */
     struct ucscRetroInfo *pg;  /* general info for retro gene */
     boolean indirect;          /* an indirect mapping */
     char gbAcc[ID_BUFSZ];      /* src accession */
     short gbVer;               /* version from gbId */
     char seqId[ID_BUFSZ];      /* id used to look up sequence, different than
                                 * srcAcc if multiple levels of mappings have
                                 * been done */
     char suffix[ID_BUFSZ];
     char *sym;                 /* src gene symbol and desc */
     char *desc;
     short gbCurVer;            /* version from genbank table */
 };
 
 static void parseSrcId(struct mappingInfo *mi)
 /* parse srcId parts and save in mi */
@@ -113,54 +113,54 @@
     mi->desc = cloneString(row[2]);
     }
 sqlFreeResult(&sr);
 }
 
 static struct mappingInfo *mappingInfoNew(struct sqlConnection *conn,
                                           char *tbl, char *mappedId)
 /* load mapping info for a mapped gene */
 {
 struct mappingInfo *mi;
 int preLen;
 char *suffix = containsStringNoCase(tbl,"Info");
 int suffixLen = 4;
 AllocVar(mi);
 if (startsWith("retroAnc", tbl))
-    strcpy(mi->tblPre, "retroAnc");
+    safef(mi->tblPre, sizeof(mi->tblPre), "retroAnc");
 else if (startsWith("retroOld", tbl))
-    strcpy(mi->tblPre, "retroOld");
+    safef(mi->tblPre, sizeof(mi->tblPre), "retroOld");
 else if (startsWith("retro", tbl))
-    strcpy(mi->tblPre, "retro");
+    safef(mi->tblPre, sizeof(mi->tblPre), "retro");
 else
     {
-    strcpy(mi->tblPre, "ucsc");
+    safef(mi->tblPre, sizeof(mi->tblPre), "ucsc");
     suffix = containsStringNoCase(tbl,"Ali");
     suffixLen = 3;
     }
 if (suffix != NULL)
     {
     suffix +=suffixLen;
     safef(mi->suffix,ID_BUFSZ,"%s",suffix);
     }
 
 preLen = strlen(mi->tblPre);
 if (startsWith("retroAugust", tbl))
-    strcpy(mi->geneSet, "August");
+    safef(mi->geneSet, sizeof(mi->geneSet), "August");
 else if (startsWith("retro", tbl))
-    strcpy(mi->geneSet, "Mrna");
+    safef(mi->geneSet, sizeof(mi->geneSet), "Mrna");
 else
-    strcpy(mi->geneSet, "Retro");
+    safef(mi->geneSet, sizeof(mi->geneSet), "Retro");
 if (suffix != NULL && strlen(suffix) > 0)
     mi->pg = sqlQueryObjs(conn, (sqlLoadFunc)ucscRetroInfoLoad, sqlQueryMust|sqlQuerySingle,
                       "select * from %s%sInfo%s where name='%s'", mi->tblPre, mi->geneSet, suffix,
                        mappedId);
 else
     {
     mi->pg = sqlQueryObjs(conn, (sqlLoadFunc)ucscRetroInfoLoad, sqlQueryMust|sqlQuerySingle,
                       "select * from %s%sInfo where name='%s'", mi->tblPre, mi->geneSet,
                        mappedId);
     }
 parseSrcId(mi);
 getGenbankInfo(conn, mi);
 return mi;
 }