080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection diff --git src/hg/hgc/dbRIP.c src/hg/hgc/dbRIP.c index 4539c32..2d06e97 100644 --- src/hg/hgc/dbRIP.c +++ src/hg/hgc/dbRIP.c @@ -17,31 +17,31 @@ /* used by slSort to sort the polyGenotype in order of ethnic group name */ { const struct polyGenotype *p1 = *((struct polyGenotype**)e1); const struct polyGenotype *p2 = *((struct polyGenotype**)e2); return(strcmp(p1->ethnicGroup, p2->ethnicGroup)); } static void polyTable(char *name) { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; struct polyGenotype *pgList = NULL; -sprintf(query, "select * from polyGenotype where name = '%s'", name); +sqlSafef(query, sizeof query, "select * from polyGenotype where name = '%s'", name); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct polyGenotype *pg; AllocVar(pg); pg = polyGenotypeLoad(row); slAddHead(&pgList, pg); } sqlFreeResult(&sr); hFreeConn(&conn); if (slCount(pgList) > 0) { struct polyGenotype *pg; @@ -153,34 +153,34 @@ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char table[64]; boolean hasBin; struct dbRIP *loadItem; struct dyString *query = newDyString(512); char **row; boolean firstTime = TRUE; int start = cartInt(cart, "o"); int itemCount = 0; genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -dyStringPrintf(query, "select * from %s where chrom = '%s' and ", +sqlDyStringPrintf(query, "select * from %s where chrom = '%s' and ", table, seqName); hAddBinToQuery(winStart, winEnd, query); -dyStringPrintf(query, "name = '%s' and chromStart = %d", item, start); +sqlDyStringPrintf(query, "name = '%s' and chromStart = %d", item, start); sr = sqlGetResult(conn, query->string); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); ++itemCount; loadItem = dbRIPLoad(row+hasBin); printf("<B>Database ID:</B> %s<BR>\n", loadItem->name); printf("<B>Original ID:</B> %s<BR>\n", loadItem->originalId); printf("<B>Class:</B> %s<BR>\n", loadItem->polyClass); printf("<B>Family:</B> %s<BR>\n", loadItem->polyFamily); printf("<B>Subfamily:</B> %s<BR>\n", loadItem->polySubfamily); printf("<B>Associated Disease:</B> %s<BR>\n", loadItem->disease);