080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection
diff --git src/hg/hgc/hgc.c src/hg/hgc/hgc.c
index 427e5e7..974a85a 100644
--- src/hg/hgc/hgc.c
+++ src/hg/hgc/hgc.c
@@ -574,31 +574,31 @@
 /* Clip start/end coordinates to fit in chromosome. */ { static int chromSize = -1; if (chromSize < 0) chromSize = hChromSize(database, seqName); if (*pStart < 0) *pStart = 0; if (*pEnd > chromSize) *pEnd = chromSize; return *pStart < *pEnd; } struct genbankCds getCds(struct sqlConnection *conn, char *acc) /* obtain and parse the CDS, errAbort if not found or invalid */ { char query[256];
-safef(query, sizeof(query), "select cds.name from gbCdnaInfo,cds where (acc=\"%s\") and (cds.id=cds)",
+sqlSafef(query, sizeof(query), "select cds.name from gbCdnaInfo,cds where (acc=\"%s\") and (cds.id=cds)",
 acc); char *cdsStr = sqlQuickString(conn, query); if (cdsStr == NULL) errAbort("no CDS found for %s", acc); struct genbankCds cds; if (!genbankCdsParse(cdsStr, &cds)) errAbort("can't parse CDS for %s: %s", acc, cdsStr); return cds; } void printCappedSequence(int start, int end, int extra) /* Print DNA from start to end including extra at either end. * Capitalize bits from start to end. */
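Review bot: The new sqlSafef call in getCds keeps the accession inside double quotes (`(acc=\"%s\")`), so the protection of that placeholder depends on sqlSafef escaping `"` as well as `'` in %s arguments, and on the server treating double-quoted literals as strings (MySQL does not under the ANSI_QUOTES sql_mode). The other queries in this commit (the -1062 and -1125 hunks) quote string values with single quotes; `"select cds.name from gbCdnaInfo,cds where (acc='%s') and (cds.id=cds)"` would be consistent with them and independent of the server's quoting mode. The -1242 hunk's `where %s=\"%s\";` has the same dependence. If sqlSafef's escaping is confirmed to cover double quotes this is a consistency point rather than a defect, but it is worth a one-line comment on the query either way.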
@@ -1062,31 +1062,31 @@
 } void genericSampleClick(struct sqlConnection *conn, struct trackDb *tdb, char *item, int start, int smpSize) /* Handle click in generic sample (wiggle) track. */ { char table[64]; boolean hasBin; struct sample *smp; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; hFindSplitTable(database, seqName, tdb->table, table, &hasBin);
-sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d",
+sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d",
 table, item, seqName, start); /*errAbort( "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start);*/ sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); smp = sampleLoad(row+hasBin); samplePrintPos(smp, smpSize);
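Review bot: `table` is substituted into the new sqlSafef format as an unquoted `%s` (`select * from %s where ...`), so escaping quote characters does nothing for that placeholder; its protection rests on sqlSafef validating unquoted %s values as identifiers, which the hunk cannot show and which is worth confirming before closing this as fixed. The same unquoted-table pattern appears in the -1125 hunk (`filterTable` and `table`) and the -1242 hunk (`%s.%s where %s=`); here `table` is filled by hFindSplitTable from tdb->table, so the exposure depends on how far tdb->table is user-influenced, which lies outside the hunk. As a point of style, `sizeof query` is the only call in this commit not spelled `sizeof(query)`; `sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d",` keeps the file uniform. genericSampleClick's body continues outside the hunk.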
@@ -1125,37 +1125,37 @@
 * it contains the 100K top-scorers in the entire track, and filterCt * is the threshold for how many are candidates for display. */ { struct sqlResult *sr = NULL; char **row = NULL; struct bed *bedList = NULL, *bed = NULL; char table[64]; boolean hasBin = FALSE; char query[512]; if (filterTable) { /* Track display only shows top-scoring N elements -- restrict * the list to these. Get them from the filter table */ hasBin = hOffsetPastBin(database, hDefaultChrom(database), filterTable);
-    safef(query, sizeof(query), "select * from %s order by score desc limit %d",
+    sqlSafef(query, sizeof(query), "select * from %s order by score desc limit %d",
 filterTable, filterCt); } else { hFindSplitTable(database, seqName, tdb->table, table, &hasBin);
-    safef(query, sizeof(query),
+    sqlSafef(query, sizeof(query),
 "select * from %s where chrom = '%s' and chromEnd > %d and " "chromStart < %d order by score desc", table, seqName, winStart, winEnd); } sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { bed = bedLoadN(row+hasBin, 5); if (!filterTable || ( sameString(bed->chrom, seqName) && bed->chromStart < winEnd && bed->chromEnd > winStart)) { slAddHead(&bedList, bed); }
@@ -1242,31 +1242,31 @@
 if (title==NULL) // Must have title
 continue; *title = '\0'; title++; if ((table = strchr(words[ix],'.')) == NULL) table = tdb->table; else { *table++ = '\0'; // assigns before advance
 if ((words[ix] = strchr(table,'.')) != NULL) { *words[ix] = '\0'; column = ++words[ix]; // advance before assigns
 } }
-    safef(query,sizeof(query),"select chrom,chromStart,chromEnd from %s.%s where %s=\"%s\";",
+    sqlSafef(query,sizeof(query),"select chrom,chromStart,chromEnd from %s.%s where %s=\"%s\";",
 db,table,column,name); struct sqlResult *sr = sqlGetResult(conn, query); if (sr == NULL) continue; char **row = sqlNextRow(sr); if (row == NULL) continue; char *chrom = *row++; int beg = atoi(*row++); int end = atoi(*row); if (!gotOne) { gotOne = TRUE; printf("

The item \"%s\" has been located in other genomes:\n