src/hg/lib/snp125.c 080a160c7b9595d516c9c70e83689a09b60839d0

080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/lib/snp125.c src/hg/lib/snp125.c
index 9cafe94..b771bb7 100644
--- src/hg/lib/snp125.c
+++ src/hg/lib/snp125.c
@@ -245,31 +245,31 @@
 "                  DEFAULT 'unknown' NOT NULL,\n"
 "    valid         set('unknown', 'by-frequency', 'by-cluster', 'by-submitter', \n"
 "                  'by-2hit-2allele', 'by-hapmap') \n"
 "                  DEFAULT 'unknown' NOT NULL,\n"
 "    avHet 	   float not null,\n"
 "    avHetSE 	   float not null,\n"
 "    func          set( 'unknown', 'locus', 'coding', 'coding-synon', 'coding-nonsynon', \n"
 "                  'untranslated', 'intron','splice-site', 'cds-reference') \n"
 "                  DEFAULT 'unknown' NOT NULL,\n"
 "    locType       enum ('unknown', 'range', 'exact', 'between',\n"
 "                  'rangeInsertion', 'rangeSubstitution', 'rangeDeletion') DEFAULT 'unknown' NOT NULL\n,"
 "    weight        int not null\n"
 ")\n";
 
 struct dyString *dy = newDyString(1024);
-dyStringPrintf(dy, createString, tableName);
+sqlDyStringPrintf(dy, createString, tableName);
 sqlRemakeTable(conn, tableName, dy->string);
 dyStringFree(&dy);
 }
 
 int snp125Cmp(const void *va, const void *vb)
 {
 const struct snp125 *a = *((struct snp125 **)va);
 const struct snp125 *b = *((struct snp125 **)vb);
 int dif;
 dif = strcmp(a->chrom, b->chrom);
 if (dif == 0)
     dif = a->chromStart - b->chromStart;
 return dif;
 }