080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection
diff --git src/hg/lib/hgBam.c src/hg/lib/hgBam.c
index 6a8b39b..c455b67 100644
--- src/hg/lib/hgBam.c
+++ src/hg/lib/hgBam.c
@@ -7,42 +7,42 @@
 #ifdef USE_BAM
 #include "htmshell.h"
 #include "samAlignment.h"
 char *bamFileNameFromTable(struct sqlConnection *conn, char *table, char *bamSeqName)
 /* Return file name from table. If table has a seqName column, then grab the
 * row associated with bamSeqName (which can be e.g. '1' not 'chr1' if that is the
 * case in the bam file). */
 {
 boolean checkSeqName = (sqlFieldIndex(conn, table, "seqName") >= 0);
 if (checkSeqName && bamSeqName == NULL)
 errAbort("bamFileNameFromTable: table %s has seqName column, but NULL seqName passed in", table);
 char query[512];
 if (checkSeqName)
- safef(query, sizeof(query), "select fileName from %s where seqName = '%s'",
+ sqlSafef(query, sizeof(query), "select fileName from %s where seqName = '%s'",
 table, bamSeqName);
 else
- safef(query, sizeof(query), "select fileName from %s", table);
+ sqlSafef(query, sizeof(query), "select fileName from %s", table);
 char *fileName = sqlQuickString(conn, query);
 if (fileName == NULL && checkSeqName)
 {
 if (startsWith("chr", bamSeqName))
- safef(query, sizeof(query), "select fileName from %s where seqName = '%s'",
+ sqlSafef(query, sizeof(query), "select fileName from %s where seqName = '%s'",
 table, bamSeqName+strlen("chr"));
 else
- safef(query, sizeof(query), "select fileName from %s where seqName = 'chr%s'",
+ sqlSafef(query, sizeof(query), "select fileName from %s where seqName = 'chr%s'",
 table, bamSeqName);
 fileName = sqlQuickString(conn, query);
 }
 if (fileName == NULL)
 {
 if (checkSeqName)
 errAbort("Missing fileName for seqName '%s' in %s table", bamSeqName, table);
 else
 errAbort("Missing fileName in %s table", table);
 }
 return fileName;
 }
 struct ffAli *bamToFfAli(const bam1_t *bam, struct dnaSeq *target, int targetOffset, boolean useStrand, char **retQSeq)
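Review bot: The switch to sqlSafef covers the quoted seqName values, but `table` is still interpolated as a bare, unquoted `%s` in all four queries, and whether that is covered depends on how this build's sqlSafef treats an unquoted `%s` (the kent library's version validates such arguments as identifiers, to my recollection; if this one only escapes quoted strings, `table` remains the one caller-controlled string the query trusts). The header comment should state the contract the function relies on rather than leave it to the reader, e.g. `/* table must be a trusted or validated table name; bamSeqName is escaped by sqlSafef. */`. Note also that `sqlFieldIndex(conn, table, "seqName")` receives the table name before any query string is built, so whatever validation the callers or that helper perform is what actually guards this path.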