080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/lib/targetDb.c src/hg/lib/targetDb.c
index 7e21f90..2764bd4 100644
--- src/hg/lib/targetDb.c
+++ src/hg/lib/targetDb.c
@@ -239,44 +239,43 @@
  * (or NULL to get all available PCR targets for db), query the
  * central database targetDb table and load the results.  Remove 
  * entries that are out of sync or have missing tables. */
 {
 struct sqlConnection *conn = hConnectCentral();
 if (! sqlTableExists(conn, "targetDb"))
     {
     hDisconnectCentral(&conn);
     return NULL;
     }
 
 struct targetDb *targetList = NULL;
 struct sqlConnection *conn2 = hAllocConn(db);
 struct sqlResult *sr;
 char **row;
-char query[2048];
-safef(query, sizeof(query), "select * from targetDb where db = '%s' "
-      "%s%s%s order by priority", db,
-      isNotEmpty(name) ? "and name = '" : "",
-      isNotEmpty(name) ? name : "",
-      isNotEmpty(name) ? "' " : "");
-
-sr = sqlGetResult(conn, query);
+struct dyString *dy = dyStringNew(0);
+sqlDyStringPrintf(dy, "select * from targetDb where db = '%s' ", db);
+if (isNotEmpty(name))
+    sqlDyStringPrintf(dy, "and name = '%s' ", name);
+dyStringAppend(dy, "order by priority");
+sr = sqlGetResult(conn, dy->string);
 while ((row = sqlNextRow(sr)) != NULL)
     {
     struct targetDb *newTarg = targetDbMaybeLoad(conn2, row);
     if (newTarg)
 	slAddHead(&targetList, newTarg);
     }
+dyStringFree(&dy);
 hFreeConn(&conn2);
 hDisconnectCentral(&conn);
 return targetList;
 }
 
 char *targetDbSetting(struct targetDb *tdb, char *name)
 /* Return setting string or NULL if none exists. */
 {
 if (tdb == NULL)
     errAbort("Program error: null tdb passed to targetDbSetting.");
 if (tdb->settingsHash == NULL)
     tdb->settingsHash = raFromString(tdb->settings);
 return hashFindVal(tdb->settingsHash, name);
 }