2a0ba6e0ee799bf7bc55c5b30deb2c8835dfdda9
angie
  Fri Dec 2 14:15:10 2011 -0800
Fix for buffer overflow case found by Brooke, in vcfToPgSnp allele-abbreviating code.
diff --git src/hg/hgTracks/vcfTrack.c src/hg/hgTracks/vcfTrack.c
index cbe089a..df1ef57 100644
--- src/hg/hgTracks/vcfTrack.c
+++ src/hg/hgTracks/vcfTrack.c
@@ -168,31 +168,31 @@
 static struct pgSnp *vcfFileToPgSnp(struct vcfFile *vcff, struct trackDb *tdb)
 /* Convert vcff's records to pgSnp; don't free vcff until you're done with pgSnp
  * because it contains pointers into vcff's records' chrom. */
 {
 struct pgSnp *pgsList = NULL;
 struct vcfRecord *rec;
 int maxLen = 33;
 int maxAlCount = 5;
 for (rec = vcff->records;  rec != NULL;  rec = rec->next)
     {
     struct pgSnp *pgs = pgSnpFromVcfRecord(rec);
     // Insertion sequences can be quite long; abbreviate here for display.
     int len = strlen(pgs->name);
     if (len > maxLen)
 	{
-	int maxAlLen = maxLen / min(rec->alleleCount, maxAlCount);
+	int maxAlLen = (maxLen / min(rec->alleleCount, maxAlCount)) - 1;
 	pgs->name[0] = '\0';
 	int i;
 	for (i = 0;  i < rec->alleleCount;  i++)
 	    {
 	    if (i > 0)
 		safencat(pgs->name, len+1, "/", 1);
 	    if (i >= maxAlCount)
 		{
 		safecat(pgs->name, len+1, "...");
 		pgs->alleleCount = maxAlCount;
 		break;
 		}
 	    if (strlen(rec->alleles[i]) > maxAlLen-3)
 		strcpy(rec->alleles[i]+maxAlLen-3, "...");
 	    safencat(pgs->name, len+1, rec->alleles[i], maxAlLen);