080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection diff --git src/hg/das/das.c src/hg/das/das.c index e356ee1..166582d 100644 --- src/hg/das/das.c +++ src/hg/das/das.c @@ -226,31 +226,31 @@ lineFileClose(&lf); return disabled; } static struct hash *mkTrackTypeHash() /* build a hash of track name to type */ { struct sqlConnection *conn = hAllocConn(database); struct hash *hash = hashNew(10); struct slName *trackDb, *trackDbs = hTrackDbList(); for (trackDb = trackDbs; trackDb != NULL; trackDb = trackDb->next) { if (sqlTableExists(conn, trackDb->name)) { char query[128]; - safef(query, sizeof(query), "select tableName,type,settings from %s", trackDb->name); + sqlSafef(query, sizeof(query), "select tableName,type,settings from %s", trackDb->name); struct sqlResult *sr = sqlGetResult(conn, query); char **row; while ((row = sqlNextRow(sr)) != NULL) { if (dasableType(row[1]) && !disabledViaSettings(row[2]) && (hashLookup(hash, row[0]) == NULL)) hashAdd(hash, row[0], NULL); } sqlFreeResult(&sr); } } slFreeList(&trackDbs); hFreeConn(&conn); return hash; } @@ -291,31 +291,31 @@ return hashLookup(skips, name) != NULL; } static struct tableDef *getTables() /* Get all tables. */ { struct sqlConnection *conn = hAllocConn(database); struct hash *hash = newHash(0); struct tableDef *tdList = NULL, *td; struct sqlResult *sr; char **row; char *table, *root; boolean isSplit, hasBin; char chromField[32], startField[32], endField[32]; -sr = sqlGetResult(conn, "show tables"); +sr = sqlGetResult(conn, "NOSQLINJ show tables"); while ((row = sqlNextRow(sr)) != NULL) { table = root = row[0]; if (hFindFieldsAndBin(database, table, chromField, startField, endField, &hasBin)) { isSplit = tableIsSplit(table); if (isSplit) root = skipOverChrom(table); if (!skipTable(root) && dasableTrack(root)) { if ((td = hashFindVal(hash, root)) == NULL) { AllocVar(td); slAddHead(&tdList, td); hashAdd(hash, root, td); @@ -582,80 +582,80 @@ static int countFeatures(struct tableDef *td, struct segment *segmentList) /* Count all the features in a given segment. */ { struct segment *segment; int acc = 0; struct sqlConnection *conn = hAllocConn(database); char chrTable[256]; char query[512]; struct slName *n; if (segmentList == NULL) { if (td->splitTables == NULL) { - sprintf(query, "select count(*) from %s", td->name); + sqlSafef(query, sizeof query, "select count(*) from %s", td->name); acc = sqlQuickNum(conn, query); } else { for (n = td->splitTables; n != NULL; n = n->next) { - sprintf(query, "select count(*) from %s", n->name); + sqlSafef(query, sizeof query, "select count(*) from %s", n->name); acc += sqlQuickNum(conn, query); } } } else { for (segment = segmentList; segment != NULL; segment = segment->next) { if (segment->wholeThing) { if (td->splitTables == NULL) { - sprintf(query, "select count(*) from %s where %s = '%s'", + sqlSafef(query, sizeof query, "select count(*) from %s where %s = '%s'", td->name, td->chromField, segment->seq); acc += sqlQuickNum(conn, query); } else { sprintf(chrTable, "%s_%s", segment->seq, td->name); if (sqlTableExists(conn, chrTable)) { - sprintf(query, "select count(*) from %s", + sqlSafef(query, sizeof query, "select count(*) from %s", chrTable); acc += sqlQuickNum(conn, query); } } } else { if (td->splitTables == NULL) { - sprintf(query, "select count(*) from %s where %s = '%s' and %s < %d and %s > %d", + sqlSafef(query, sizeof query, "select count(*) from %s where %s = '%s' and %s < %d and %s > %d", td->name, td->chromField, segment->seq, td->startField, segment->end, td->endField, segment->start); acc += sqlQuickNum(conn, query); } else { sprintf(chrTable, "%s_%s", segment->seq, td->name); if (sqlTableExists(conn, chrTable)) { - sprintf(query, "select count(*) from %s where %s < %d and %s > %d", chrTable, + sqlSafef(query, sizeof query, "select count(*) from %s where %s < %d and %s > %d", chrTable, td->startField, segment->end, td->endField, segment->start); acc += sqlQuickNum(conn, query); } } } } } hFreeConn(&conn); return acc; } static void doTypes() /* Handle a types request. */ { @@ -949,31 +949,31 @@ static void doEntryPoints() /* Handle entry points request. */ { struct sqlConnection *conn; struct sqlResult *sr; char **row; struct chromInfo *ci; normalHeader(); conn = hAllocConn(database); printf("<!DOCTYPE DASEP SYSTEM \"http://www.biodas.org/dtd/dasep.dtd\">\n"); printf("<DASEP>\n"); printf("<ENTRY_POINTS href=\"%s\" version=\"7.00\">\n", currentUrl()); -sr = sqlGetResult(conn, "select * from chromInfo"); +sr = sqlGetResult(conn, "NOSQLINJ select * from chromInfo"); while ((row = sqlNextRow(sr)) != NULL) { ci = chromInfoLoad(row); /* "chr"-less chromosome ID for clients such as Ensembl: */ if (startsWith("chr", ci->chrom)) printf(" <SEGMENT id=\"%s\" start=\"%d\" stop=\"%d\" orientation=\"+\" subparts=\"no\">%s</SEGMENT>\n", ci->chrom+3, 1, ci->size, ci->chrom+3); else printf(" <SEGMENT id=\"%s\" start=\"%d\" stop=\"%d\" orientation=\"+\" subparts=\"no\">%s</SEGMENT>\n", ci->chrom, 1, ci->size, ci->chrom); chromInfoFree(&ci); } printf("</ENTRY_POINTS>\n"); printf("</DASEP>\n"); }