080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/lib/pal.c src/hg/lib/pal.c
index f79cc08..2c209d9 100644
--- src/hg/lib/pal.c
+++ src/hg/lib/pal.c
@@ -99,31 +99,31 @@
 
 slNameFreeList(&includeList);
 return outCount;
 }
 
 int palOutPredsInBeds(struct sqlConnection *conn, struct cart *cart,
     struct bed *beds, char *table )
 /* output the alignments whose names and coords match a bed*/
 {
 struct genePred *list = NULL;
 
 for(; beds; beds = beds->next)
     {
     char where[10 * 1024];
 
-    safef(where, sizeof where,
+    sqlSafefFrag(where, sizeof where,
 	"name = '%s' and chrom='%s' and txEnd > %d and txStart <= %d",
 	beds->name, beds->chrom, beds->chromStart, beds->chromEnd);
 
     struct genePredReader *reader = genePredReaderQuery( conn, table, where);
     struct genePred *pred;
     while ((pred = genePredReaderNext(reader)) != NULL)
 	slAddHead(&list, pred);
 
     genePredReaderFree(&reader);
     }
 
 int outCount = 0;
 if (list != NULL)
     {
     slReverse(&list);
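Review bot: The switch to `sqlSafefFrag` escapes `beds->name` and `beds->chrom` through the quoted `%s` conversions, but the `table` argument handed to `genePredReaderQuery` on the following line gets no visible validation in this hunk; if `table` can originate from the cart or CGI input, that call must do the identifier check itself (I cannot see it from here, so please confirm). A short comment above the call would help the next reader understand why the Frag variant is used, e.g. `/* fragment only: embedded into the full query by genePredReaderQuery, so quoted %s args are escaped here but no query prefix is added */`. Separately, the unchanged `%d` conversions for `beds->chromStart`/`beds->chromEnd` are a format mismatch if those fields are `unsigned` as in bed.h — worth changing to `%u` while touching this line. The body of palOutPredsInBeds continues past the end of this hunk.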
@@ -160,31 +160,31 @@
 /* Get group-changing javascript. */
 {
 struct dyString *dy = onChangeStart();
 return onChangeEnd(&dy);
 }
 
 static char * getConservationTrackName( struct sqlConnection *conn)
 {
 struct slName *dbList = hTrackDbList();
 struct slName *dbl = dbList;
 char *ret = NULL;
 
 for(; dbl; dbl = dbl->next)
     {
     char query[512];
-    safef(query, sizeof query,
+    sqlSafef(query, sizeof query,
 	"select tableName from %s where shortLabel='Conservation'", dbl->name);
 
     struct sqlResult *sr = sqlGetResult(conn, query);
     char **row;
     struct slName *tableList = NULL;
     while ((row = sqlNextRow(sr)) != NULL)
 	{
 	struct slName *name = newSlName(row[0]);
 	slAddHead(&tableList, name);
 	}
     sqlFreeResult(&sr);
 
     struct slName *l = tableList;
 
     for(; l; l = l->next)
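Review bot: `dbl->name` is substituted unquoted into `from %s`, so with `sqlSafef` it is treated as an identifier rather than an escaped string literal; as I understand the kent convention that means an unexpected character in a trackDb table name aborts the request instead of being quoted, which is the right outcome for a config-derived name but deserves a one-line comment, e.g. `/* dbl->name is a table identifier (unquoted %s): sqlSafef validates it rather than escaping it */`. The loop also does not check `row[0]` before `newSlName(row[0])`; if `tableName` can be NULL in any trackDb table, a guard `if (row[0] != NULL)` around the add would be safer — I cannot confirm the column's nullability from the hunk. getConservationTrackName continues past the end of this hunk.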