080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection diff --git src/hg/hgc/regMotif.c src/hg/hgc/regMotif.c index a02fdf0..90ec524 100644 --- src/hg/hgc/regMotif.c +++ src/hg/hgc/regMotif.c @@ -83,31 +83,31 @@ static void dnaMotifPrintProbTable(struct dnaMotif *motif, FILE *f) /* Print DNA motif probabilities. */ { printProbRow(f, "A", motif->aProb, motif->columnCount); printProbRow(f, "C", motif->cProb, motif->columnCount); printProbRow(f, "G", motif->gProb, motif->columnCount); printProbRow(f, "T", motif->tProb, motif->columnCount); } struct dnaMotif *loadDnaMotif(char *motifName, char *motifTable) /* Load dnaMotif from table. */ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct dnaMotif *motif; -sprintf(query, "name = '%s'", motifName); +sqlSafef(query, sizeof query, "name = '%s'", motifName); motif = dnaMotifLoadWhere(conn, motifTable, query); hFreeConn(&conn); return motif; } void motifMultipleHitsSection(struct dnaSeq **seqs, int count, struct dnaMotif *motif) /* Print out section about motif, possibly with mutliple occurrences. */ { webNewSection("Motif:"); printf("<PRE>\n"); printf("<table>\n"); if (motif != NULL) { 
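Review bot: The converted call in loadDnaMotif writes the size as `sizeof query`, while the same commit writes `sizeof(query)` in the wrapHgGeneLink, sacCerHgGeneLinkName, growth-condition and doTransRegCodeProbe hunks and then returns to the bare form in the `@@ -160` and `@@ -278` hunks; both are correct, but the parenthesised form is the one the pre-existing `safef` calls already established, so keeping it throughout would read more consistently. The header comment could also state the not-found contract, since other functions in this file test `motif != NULL`; if dnaMotifLoadWhere does return NULL on no match, document it as `/* Load dnaMotif from table.  Returns NULL when no row named motifName exists; callers must check. */`.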
@@ -160,31 +160,31 @@ { int start = cartInt(cart, "o"); struct dnaSeq *seq = NULL; struct dnaMotif *motif = loadDnaMotif(item, motifTable); char *table = tdb->table; int rowOffset = hOffsetPastBin(database, seqName, table); char query[256]; struct sqlResult *sr; char **row; struct bed *hit = NULL; struct sqlConnection *conn = hAllocConn(database); cartWebStart(cart, database, "Regulatory Motif Info"); genericBedClick(conn, tdb, item, start, 6); -sprintf(query, +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) hit = bedLoadN(row + rowOffset, 6); sqlFreeResult(&sr); if (hit != NULL) { seq = hDnaFromSeq(database, hit->chrom, hit->chromStart, hit->chromEnd, dnaLower); if (hit->strand[0] == '-') reverseComplement(seq->dna, seq->size); } motifHitSection(seq, motif); 
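Review bot: The query built here, `select * from %s where name = '%s' and chrom = '%s' and chromStart = %d`, is repeated verbatim in doTransRegCode (the `@@ -278` hunk), each time into its own 256-byte stack buffer, so the escaping discipline the commit introduces now lives in two places. A small static helper taking the connection, table, item and start would keep it in one; both call sites then reduce to `sr = queryItemAtStart(conn, table, item, start);`. The enclosing function starts before this hunk, so its name is not visible here, and whether `hit` is freed after `motifHitSection` is not visible either.
```c
/* Select the row of table named item at seqName:start; caller frees with sqlFreeResult. */
static struct sqlResult *queryItemAtStart(struct sqlConnection *conn, char *table, char *item, int start)
{
char query[256];
sqlSafef(query, sizeof(query),
    "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d",
    table, item, seqName, start);
return sqlGetResult(conn, query);
}
/* … unchanged: cartWebStart / genericBedClick … */
sr = queryItemAtStart(conn, table, item, start);
```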
@@ -196,34 +196,34 @@ { struct dyString *query = newDyString(256); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); char fullTable[64]; boolean hasBin = FALSE; char *motifTable = "flyregMotif"; struct dnaMotif *motif = NULL; boolean isVersion2 = sameString(tdb->table, "flyreg2"); genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, fullTable, &hasBin); -dyStringPrintf(query, "select * from %s where chrom = '%s' and ", +sqlDyStringPrintf(query, "select * from %s where chrom = '%s' and ", fullTable, seqName); hAddBinToQuery(start, end, query); -dyStringPrintf(query, "chromStart = %d and name = '%s'", start, item); +sqlDyStringPrintf(query, "chromStart = %d and name = '%s'", start, item); sr = sqlGetResult(conn, query->string); if ((row = sqlNextRow(sr)) != NULL) { struct flyreg2 fr; if (isVersion2) flyreg2StaticLoad(row+hasBin, &fr); else flyregStaticLoad(row+hasBin, (struct flyreg *)(&fr)); printf("<B>Factor:</B> %s<BR>\n", fr.name); printf("<B>Target:</B> %s<BR>\n", fr.target); if (isVersion2) printf("<B>Footprint ID:</B> %06d<BR>\n", fr.fpid); printf("<B>PubMed ID:</B> <A HREF=\""); printEntrezPubMedUidUrl(stdout, fr.pmid); printf("\" TARGET=_BLANK>%d</A><BR>\n", fr.pmid); 
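Review bot: Between the two `sqlDyStringPrintf` calls the query is extended by `hAddBinToQuery(start, end, query)`, which the commit leaves unconverted and whose output is not visible in the hunk; it receives only the two integer cart values, so it is presumably harmless, but it is worth confirming that its own dyString writes are accepted by whatever check sqlDyStringPrintf applies to the accumulated string, otherwise part of this statement is still assembled outside the audited path. Separately, `fr.name` and `fr.target` are written straight into markup with `printf("<B>Factor:</B> %s<BR>\n", fr.name)`; these are table values rather than request parameters, so the exposure is small, but a one-line comment stating that the flyreg tables are trusted for HTML would make the assumption explicit. The enclosing function starts before this hunk.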
@@ -242,31 +242,31 @@ hFreeConn(&conn); if (motif != NULL) webNewSection(tdb->longLabel); printTrackHtml(tdb); } static void wrapHgGeneLink(struct sqlConnection *conn, char *name, char *label, char *geneTable) /* Wrap label with link to hgGene if possible. */ { char query[256]; struct sqlResult *sr; char **row; int rowOffset = hOffsetPastBin(database, seqName, "sgdGene"); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", geneTable, name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct genePred *gp = genePredLoad(row+rowOffset); printf("<A HREF=\"../cgi-bin/hgGene?db=%s", database); printf("&hgg_gene=%s", gp->name); printf("&hgg_chrom=%s", gp->chrom); printf("&hgg_start=%d", gp->txStart); printf("&hgg_end=%d", gp->txEnd); printf("\">"); printf("%s", label); printf("</A>"); } else 
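Review bot: In wrapHgGeneLink the bin offset is computed for the literal table `"sgdGene"` while the converted query on the following lines selects from the `geneTable` parameter; the two agree only because the one visible caller, sacCerHgGeneLinkName, passes `"sgdGene"`, and any other table would misalign `row+rowOffset`. Use the parameter: `int rowOffset = hOffsetPastBin(database, seqName, geneTable);`. The hgGene link is then assembled with plain `%s` for `gp->name` and `gp->chrom`; if those can carry URL-significant characters they should pass through cgiEncode, although as gene-table values rather than request input the risk is limited. The function continues past the end of the hunk, so whether `sr` is released is not visible here.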
@@ -278,56 +278,56 @@ /* Print anchor to transRegCode details page. */ { printf("<A HREF=\"../cgi-bin/hgc?%s", cartSidUrlString(cart)); printf("&g=transRegCode"); printf("&i=%s", trc->name); printf("&o=%d", trc->chromStart); printf("&c=%s", trc->chrom); printf("\">"); } static void sacCerHgGeneLinkName(struct sqlConnection *conn, char *name) /* Wrap link to hgGene if possible around yeast gene name. */ { char query[256]; char *orf; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select name from sgdToName where value = '%s'", name); orf = sqlQuickString(conn, query); if (orf != NULL) wrapHgGeneLink(conn, orf, name, "sgdGene"); else printf("%s", name); freez(&orf); } void doTransRegCode(struct trackDb *tdb, char *item, char *motifTable) /* Display detailed info on a transcriptional regulatory code item. */ { struct dnaMotif *motif = loadDnaMotif(item, motifTable); int start = cartInt(cart, "o"); struct dnaSeq *seq = NULL; char *table = tdb->table; int rowOffset = hOffsetPastBin(database, seqName, table); char query[256]; struct sqlResult *sr; char **row; struct sqlConnection *conn = hAllocConn(database); struct transRegCode *trc = NULL; cartWebStart(cart, database, "Regulatory Code Info"); -sprintf(query, +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) trc = transRegCodeLoad(row+rowOffset); sqlFreeResult(&sr); if (trc != NULL) { char strand[2]; seq = hDnaFromSeq(database, trc->chrom, trc->chromStart, trc->chromEnd, dnaLower); if (seq->size != motif->columnCount) { printf("WARNING: seq->size = %d, motif->colCount=%d<BR>\n", 
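Review bot: doTransRegCode dereferences `motif->columnCount` inside the `if (trc != NULL)` branch, but `motif` comes from `loadDnaMotif(item, motifTable)` with the request-supplied `item` and is never checked; elsewhere in this file a NULL motif is treated as a real case (motifMultipleHitsSection tests `if (motif != NULL)`, as does the `@@ -242` hunk), so a request naming a motif absent from the table appears to reach a NULL dereference here. Fail closed immediately after the lookup: `if (motif == NULL) errAbort("Couldn't find motif %s in %s", item, motifTable);`. The `@@ -160` hunk has the same unchecked lookup and hands `motif` to motifHitSection, whose handling is not visible. The function continues beyond the end of the hunk.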
@@ -480,31 +480,31 @@ printf("<TD>"); sacCerHgGeneLinkName(conn, tf->name); printf("</TD>"); /* Print stong and weak growth conditions. */ ipPrintInRange(tf->conditionList, 0.0, 0.002, boundHash); ipPrintInRange(tf->conditionList, 0.002, 0.006, boundHash); /* Grab list of all conditions tested from database and * print out ones not in strong or weak as none. */ { char query[256], **row; struct sqlResult *sr; boolean isFirst = TRUE; boolean gotAny = FALSE; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select growthCondition from %s where name='%s'", tfToConditionTable, tf->name); sr = sqlGetResult(conn, query); printf("<TD>"); while ((row = sqlNextRow(sr)) != NULL) { if (!hashLookup(boundHash, row[0])) { if (isFirst) isFirst = FALSE; else printf(", "); printf("%s", row[0]); gotAny = TRUE; } 
@@ -544,59 +544,59 @@ } printf("</TD>"); } printf("</TR>\n"); hashFree(&boundHash); } hTableEnd(); } void growthConditionSection(struct sqlConnection *conn, char *conditionTable) /* Print out growth condition information. */ { struct sqlResult *sr; char query[256], **row; webNewSection("Description of Growth Conditions"); -safef(query, sizeof(query), "select * from %s order by name", conditionTable); +sqlSafef(query, sizeof(query), "select * from %s order by name", conditionTable); sr = sqlGetResult(conn, query); printf("<UL>"); while ((row = sqlNextRow(sr)) != NULL) { struct growthCondition gc; growthConditionStaticLoad(row, &gc); printf("<LI>"); printf("<A NAME=\"GC_%s\"></A>", gc.name); printf("%s - <I>%s</I> %s\n", gc.name, gc.shortLabel, gc.longLabel); } printf("</UL>"); sqlFreeResult(&sr); } void doTransRegCodeProbe(struct trackDb *tdb, char *item, char *codeTable, char *motifTable, char *tfToConditionTable, char *conditionTable) /* Display detailed info on a ChIP-chip probe from transRegCode experiments. */ { char query[256]; struct sqlResult *sr; char **row; int rowOffset = hOffsetPastBin(database, seqName, tdb->table); struct sqlConnection *conn = hAllocConn(database); struct transRegCodeProbe *probe = NULL; cartWebStart(cart, database, "ChIP-chip Probe Info"); -safef(query, sizeof(query), "select * from %s where name = '%s'", +sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", tdb->table, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) probe = transRegCodeProbeLoad(row+rowOffset); sqlFreeResult(&sr); if (probe != NULL) { struct tfData *tfList = NULL, *tf; struct hash *tfHash = newHash(0); struct transRegCode *trc; int i; /* Print basic info. */ printf("<B>Name:</B> %s<BR>\n", probe->name); printPosOnChrom(probe->chrom, probe->chromStart, probe->chromEnd,
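Review bot: In growthConditionSection and doTransRegCodeProbe the table names (`conditionTable`, `tdb->table`) are substituted through an unquoted `%s`; quote-escaping cannot protect an identifier position, so the safety of these two calls rests on sqlSafef validating unquoted `%s` arguments as identifiers (which I recall it does) and on the names coming from trackDb rather than the request. A comment on the first call would make that assumption visible: `/* conditionTable is a SQL identifier, not a quoted value; it must come from trackDb, never from the CGI. */`. As a point of style, `char query[256], **row;` mixes an array and a double pointer in one declaration; splitting them onto two lines would match the declarations in doTransRegCodeProbe directly below.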