080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection diff --git src/hg/hgPcr/hgPcr.c src/hg/hgPcr/hgPcr.c index bd51c60..20f0b15 100644 --- src/hg/hgPcr/hgPcr.c +++ src/hg/hgPcr/hgPcr.c @@ -61,31 +61,31 @@ char *host; /* Name of machine hosting server. */ char *port; /* Port that hosts server. */ struct targetDb *targetDb; /* All of the info about the target. */ }; struct pcrServer *getServerList() /* Get list of available servers. */ { struct pcrServer *serverList = NULL, *server; struct sqlConnection *conn = hConnectCentral(); struct sqlResult *sr; char **row; /* Do a little join to get data to fit into the pcrServer. */ sr = sqlGetResult(conn, - "select dbDb.name,dbDb.genome,dbDb.description,blatServers.host," + "NOSQLINJ select dbDb.name,dbDb.genome,dbDb.description,blatServers.host," "blatServers.port,dbDb.nibPath " "from dbDb,blatServers where " "dbDb.name = blatServers.db " "and blatServers.canPcr = 1 order by dbDb.orderKey" ); while ((row = sqlNextRow(sr)) != NULL) { AllocVar(server); server->db = cloneString(row[0]); server->genome = cloneString(row[1]); server->description = cloneString(row[2]); server->host = cloneString(row[3]); server->port = cloneString(row[4]); server->seqDir = cloneString(row[5]); slAddHead(&serverList, server); } 
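Review bot: The `NOSQLINJ` prefix written into the getServerList query is a hand-made trust assertion, and nothing in the hunk records why it is justified; it holds here only because the whole query is a compile-time literal with no `%s` and no caller-supplied value. A short comment above `sr = sqlGetResult(conn,` would stop the marker from being copied onto a query that does interpolate data: `/* Constant query with no caller-supplied values, so it may carry the NOSQLINJ trust marker; if format arguments are ever added, build it with sqlDyStringPrintf instead of hand-writing the prefix. */`. The second hunk's getTargetServerList builds its query through sqlDyStringPrintf, which presumably adds the marker itself, so routing this literal through the same helper would keep both functions consistent and remove the manual prefix. The body of getServerList continues past the end of this hunk, so its result/connection cleanup is not visible here.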
@@ -108,56 +108,55 @@ return server; } errAbort("Can't find a server for PCR database %s\n", db); return NULL; } struct targetPcrServer *getTargetServerList(char *db, char *name) /* Get list of available non-genomic-assembly target pcr servers associated * with db (and name, if not NULL). There may be none -- that's fine. */ { struct targetPcrServer *serverList = NULL, *server; struct sqlConnection *conn = hConnectCentral(); struct sqlConnection *conn2 = hAllocConn(db); struct sqlResult *sr; char **row; -char query[2048]; +struct dyString *dy = dyStringNew(0); -safef(query, sizeof(query), +sqlDyStringPrintf(dy, "select b.host, b.port, t.* from targetDb as t, blatServers as b " - "where b.db = t.name and t.db = '%s' and b.canPcr = 1 " - "%s%s%s" - "order by t.priority", - db, - isNotEmpty(name) ? "and t.name = '" : "", - isNotEmpty(name) ? name : "", - isNotEmpty(name) ? "' " : ""); -sr = sqlGetResult(conn, query); + "where b.db = t.name and t.db = '%s' and b.canPcr = 1 ", + db); +if (isNotEmpty(name)) + sqlDyStringPrintf(dy, "and t.name = '%s' ", name); +dyStringAppend(dy, "order by t.priority"); +sr = sqlGetResult(conn, dy->string); while ((row = sqlNextRow(sr)) != NULL) { /* Keep this server only if its timestamp is newer than the tables * and file on which it depends. */ struct targetDb *target = targetDbMaybeLoad(conn2, row+2); if (target != NULL) { AllocVar(server); server->host = cloneString(row[0]); server->port = cloneString(row[1]); server->targetDb = target; slAddHead(&serverList, server); } } +dyStringFree(&dy); sqlFreeResult(&sr); hDisconnectCentral(&conn); hFreeConn(&conn2); slReverse(&serverList); return serverList; } void doHelp() /* Print up help page */ { puts( "In-Silico PCR searches a sequence database with a pair of\n" "PCR primers, using an indexing strategy for fast performance.\n" "\n" "