080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/hgTracks/menu.c src/hg/hgTracks/menu.c
index 25cad17..f211460 100644
--- src/hg/hgTracks/menu.c
+++ src/hg/hgTracks/menu.c
@@ -89,31 +89,31 @@
 ensUrl = ensContigViewUrl(database, dir, name, seqBaseCount, start+1, end, archive);
 appendLink(links, ensUrl->string, "Ensembl", "ensemblLink", TRUE);
 /* NOTE: you can not freeMem(dir) because sometimes it is a literal
  * constant */
 freeMem(scientificName);
 dyStringFree(&ensUrl);
 }
 
 static void fr2ScaffoldEnsemblLink(char *archive, struct hotLink **links)
 /* print out Ensembl link to appropriate scaffold there */
 {
 struct sqlConnection *conn = hAllocConn(database);
 struct sqlResult *sr = NULL;
 char **row = NULL;
 char query[256];
-safef(query, sizeof(query),
+sqlSafef(query, sizeof(query),
 "select * from chrUn_gold where chrom = '%s' and chromStart<%u and chromEnd>%u",
 chromName, winEnd, winStart);
 sr = sqlGetResult(conn, query);
 
 int itemCount = 0;
 struct agpFrag *agpItem = NULL;
 while ((row = sqlNextRow(sr)) != NULL)
     {
     agpFragFree(&agpItem);  // if there is a second one
     agpItem = agpFragLoad(row+1);
     ++itemCount;
     if (itemCount > 1)
 	break;
     }
 sqlFreeResult(&sr);
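Review bot: The switch to sqlSafef on the line building `query` leaves the `%u` conversions for `winEnd` and `winStart` unreviewed; if those globals are declared `int` (their declarations are not visible in this hunk), the format and argument types disagree and `%d` would be the matching conversion. The escaping that sqlSafef applies to the `%s` argument is what keeps `chromName` from breaking out of the quoted literal, and a one-line comment stating that would help the next maintainer who is tempted to revert to safef, e.g. `/* sqlSafef escapes the %s value so chromName cannot terminate the quoted literal */`. The same remark applies to the second hunk at line 181. The connection from `hAllocConn(database)` has no visible `hFreeConn` in this hunk; fr2ScaffoldEnsemblLink continues past the hunk, so that is presumably handled below.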
@@ -181,31 +181,31 @@
             {
             //	which table to check
             char *ctgPos = "ctgPos";
 
             if (sameWord(database,"fr2"))
                 fr2ScaffoldEnsemblLink(archive, &links);
             else if (hTableExists(database, UCSC_TO_ENSEMBL))
                 printEnsemblAnchor(database, archive, chromName, winStart, winEnd, &links);
             else if (hTableExists(database, ctgPos))
                 /* see if we are entirely within a single contig */
                 {
                 struct sqlConnection *conn = hAllocConn(database);
                 struct sqlResult *sr = NULL;
                 char **row = NULL;
                 char query[256];
-                safef(query, sizeof(query),
+                sqlSafef(query, sizeof(query),
                       "select * from %s where chrom = '%s' and chromStart<%u and chromEnd>%u",
                       ctgPos, chromName, winEnd, winStart);
                 sr = sqlGetResult(conn, query);
 
                 int itemCount = 0;
                 struct ctgPos *ctgItem = NULL;
                 while ((row = sqlNextRow(sr)) != NULL)
                     {
                     ctgPosFree(&ctgItem);   // if there is a second one
                     ctgItem = ctgPosLoad(row);
                     ++itemCount;
                     if (itemCount > 1)
                         break;
                     }
                 sqlFreeResult(&sr);
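Review bot: The `%s` substitution of `ctgPos` into the `from %s` clause now goes through the same escaping as the quoted `chromName` value, which is harmless only because `ctgPos` is the fixed literal `"ctgPos"` from a few lines above; a table name taken from anything less trusted would need to be validated as an identifier rather than escaped as a string value. A short comment on the declaration, `char *ctgPos = "ctgPos";  /* must stay a compile-time constant: it is spliced into the query as an identifier, not a quoted value */`, would make that invariant explicit. The enclosing block continues outside the hunk, and the `hAllocConn(database)` here likewise has no visible matching `hFreeConn` within the visible lines.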