080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/intronEnds/intronEnds.c src/hg/intronEnds/intronEnds.c
index 1d33f8b..e56bd54 100644
--- src/hg/intronEnds/intronEnds.c
+++ src/hg/intronEnds/intronEnds.c
@@ -35,31 +35,31 @@
 char **row;
 struct genePred *gp;
 int total = 0;
 int gtag = 0;
 int gcag = 0;
 int atac = 0;
 int ctac = 0;
 DNA ends[4];
 int exonIx, txStart;
 struct dnaSeq *seq;
 int rowOffset;
 char strand;
 
 rowOffset = hOffsetPastBin(database, NULL, table);
 conn = hAllocConn(database);
-dyStringPrintf(query, "select * from %s", table);
+sqlDyStringPrintf(query, "select * from %s", table);
 if (chromName != NULL)
     dyStringPrintf(query, " where chrom = '%s'", chromName);
 if (cgiBoolean("withUtr"))
     {
     dyStringPrintf(query, " %s txStart != cdsStart", 
         (chromName == NULL ? "where" : "and"));
     }
 sr = sqlGetResult(conn, query->string);
 while ((row = sqlNextRow(sr)) != NULL)
     {
     gp = genePredLoad(row+rowOffset);
     strand = gp->strand[0];
     txStart = gp->txStart;
     seq = hDnaFromSeq(database, gp->chrom, txStart, gp->txEnd, dnaLower);
     for (exonIx=1; exonIx < gp->exonCount; ++exonIx)
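Review bot: The `where chrom = '%s'` clause two lines below the changed call still goes through plain `dyStringPrintf`, so `chromName` is spliced into the query with no escaping. Only the `select * from %s` call was converted. If `chromName` can come from the command line or a CGI variable (its origin is outside this hunk), this is the value that most needs the safe formatter: `sqlDyStringPrintf(query, " where chrom = '%s'", chromName);`. The `txStart != cdsStart` append only interpolates the literals "where"/"and", so it is not an injection sink, but switching it to `sqlDyStringPrintf` as well would build the whole query through one escaping-aware path. The enclosing function starts and ends outside this hunk, so how `query` is initialised and how `table` is validated upstream could not be checked here.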