080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection
diff --git src/hg/lib/wigDataStream.c src/hg/lib/wigDataStream.c
index 167dd3a..4e1801f 100644
--- src/hg/lib/wigDataStream.c
+++ src/hg/lib/wigDataStream.c
@@ -148,37 +148,37 @@ } else { if (wds->db) fprintf(fh, "#\t Database: %s, Table: %s\n", wds->db, wds->tblName); if (wds->isFile) fprintf(fh, "#\t from file, Table: %s\n", wds->tblName); wigStatsTableHeading(fh, htmlOut); } } /* void wigStatsHeader() */ /* strictly object methods following ************************/ /* PRIVATE METHODS ************************************************/ -static void addConstraint(struct wiggleDataStream *wds, char *left, char *right) +static void addConstraint(struct wiggleDataStream *wds, char *left, char *op, char *right) { struct dyString *constrain = dyStringNew(256); if (wds->sqlConstraint) dyStringPrintf(constrain, "%s AND ", wds->sqlConstraint); -dyStringPrintf(constrain, "%s \"%s\"", left, right); +sqlDyStringPrintfFrag(constrain, "%s %-s \"%s\"", left, op, right); freeMem(wds->sqlConstraint); /* potentially previously existing */ wds->sqlConstraint = cloneString(constrain->string); dyStringFree(&constrain); } /* *row[] is artifically one too big to allow for a potential bin * column when reading files that may have it. */ static boolean nextRow(struct wiggleDataStream *wds, char *row[], int maxRow) /* read next wig row from sql query or lineFile * FALSE return on no more data */ { int numCols; 
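Review bot: In the new `addConstraint`, `op` is interpolated with `%-s`, which in this library's sqlDyStringPrintf family appears to be the pass-through form that skips the identifier and escaping checks applied to a plain `%s`, so the function is only as injection-safe as its callers' `op` arguments; every caller in this commit passes a literal, but nothing states that contract. Suggest a header comment on the function: `/* Append "left op \"right\"" to wds->sqlConstraint. op is NOT escaped: callers must pass a literal operator, never data. */`. The `"%s AND "` prefix is still appended with plain dyStringPrintf, which is fine only because wds->sqlConstraint is written exclusively here from already-escaped fragments; that invariant belongs in the same comment. Since the body only reads them, `left`, `op` and `right` could also be declared `const char *`.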
@@ -309,31 +309,31 @@ } slAddHead(&wds->stats, ws); } } static struct bed *bedElement(char *chrom, unsigned start, unsigned end, unsigned lineCount) { struct bed *bed; char name[128]; AllocVar(bed); bed->chrom = cloneString(chrom); bed->chromStart = start; bed->chromEnd = end; -snprintf(name, sizeof(name), "%s.%u", +safef(name, sizeof(name), "%s.%u", chrom, lineCount); bed->name = cloneString(name); return bed; } static void closeWibFile(struct wiggleDataStream *wds) /* if there is a Wib file open, close it */ { if (wds->wibFH > 0) close(wds->wibFH); wds->wibFH = -1; if (wds->wibFile) freez(&wds->wibFile); } 
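Review bot: Replacing `snprintf` with `safef` in `bedElement` changes the overflow behaviour rather than just the spelling: if safef follows the kent/lib convention of aborting when the formatted text does not fit, a chrom name longer than roughly 116 characters now terminates the program where it was previously silently truncated into `name[128]`. If abort-on-overflow is the intent, a one-line note on the buffer would make it deliberate, e.g. `char name[128]; /* safef aborts if chrom + "." + lineCount overflows */`; otherwise size the buffer from strlen(chrom) or keep the truncating call.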
@@ -360,46 +360,46 @@ { struct dyString *fileName = dyStringNew(256); lineFileClose(&wds->lf); /* possibly a previous file */ /* don't add .wig if it is already there, or use whatever filename * was given */ if (fileExists(wds->tblName)) dyStringPrintf(fileName, "%s", wds->tblName); else dyStringPrintf(fileName, "%s.wig", wds->tblName); wds->lf = lineFileOpen(fileName->string, TRUE); dyStringFree(&fileName); } else { struct dyString *query = dyStringNew(256); - dyStringPrintf(query, "select * from %s", wds->tblName); + sqlDyStringPrintf(query, "select * from %s", wds->tblName); if (wds->chrName) - addConstraint(wds, "chrom =", wds->chrName); + addConstraint(wds, "chrom", "=", wds->chrName); if (wds->winEnd) { char limits[256]; safef(limits, ArraySize(limits), "%d", wds->winEnd ); - addConstraint(wds, "chromStart <", limits); + addConstraint(wds, "chromStart", "<", limits); safef(limits, ArraySize(limits), "%d", wds->winStart ); - addConstraint(wds, "chromEnd >", limits); + addConstraint(wds, "chromEnd", ">", limits); } if (wds->spanLimit) { struct dyString *dyTmp = dyStringNew(256); dyStringPrintf(dyTmp, "%u", wds->spanLimit); - addConstraint(wds, "span =", dyTmp->string); + addConstraint(wds, "span", "=", dyTmp->string); dyStringFree(&dyTmp); } if (wds->sqlConstraint) { dyStringPrintf(query, " where "); if (wds->winEnd) { hAddBinToQuery(wds->winStart, wds->winEnd, query); } dyStringPrintf(query, " (%s)", wds->sqlConstraint); } dyStringPrintf(query, " order by "); if (!wds->chrName) dyStringPrintf(query, " chrom ASC,");
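Review bot: The table name and the constraint fragments now go through the sql-checked printf, but the rest of the query is still assembled with plain `dyStringPrintf` (`" where "`, `" (%s)"` with wds->sqlConstraint, `" order by "`, `" chrom ASC,"`) and `hAddBinToQuery`, so the query's safety now rests on an unstated invariant: only literals, integers and the addConstraint-built string ever reach those appends. Suggest a comment before the `if (wds->sqlConstraint)` block: `/* sqlConstraint is built only by addConstraint() from escaped fragments; anything else appended here must be a literal or an integer, never user data. */`. The numeric limits are still emitted as quoted strings (`chromStart < "123"`) that the database has to coerce; that predates this commit but is worth a look if the columns allow a plain integer comparison. The enclosing function starts before this hunk and continues past its last line.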