src/hg/sageVisCGI/sageVisCGI.c 080a160c7b9595d516c9c70e83689a09b60839d0

080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/sageVisCGI/sageVisCGI.c src/hg/sageVisCGI/sageVisCGI.c
index 52821fb..2d328a2 100644
--- src/hg/sageVisCGI/sageVisCGI.c
+++ src/hg/sageVisCGI/sageVisCGI.c
@@ -180,77 +180,75 @@
 /** load the sage data by constructing a query based on the names in nmList
  */
 struct sage *loadSageData(char *table, struct slName *nmList)
 {
 char *user = cfgOption("db.user");
 char *password = cfgOption("db.password");
 struct sqlConnection *sc = NULL;
 struct dyString *query = newDyString(2048);
 struct sage *sgList = NULL, *sg=NULL;
 struct slName *nm =NULL;
 char *db = cgiUsualString("db", "hgFixed");
 char **row;
 int count=0;
 struct sqlResult *sr = NULL;
 sc = sqlConnectRemote("localhost", user, password, db);
-dyStringPrintf(query, "%s", "select * from sage where ");
+sqlDyStringPrintf(query, "select * from sage where ");
 for(nm=nmList;nm!=NULL;nm=nm->next)
     {
     if (count++)
         {
-        dyStringPrintf(query," or uni=%s ", nm->name );
+        sqlDyStringPrintf(query," or uni=%s ", nm->name );
         }
     else
 	{
-	dyStringPrintf(query," uni=%s ", nm->name);
+	sqlDyStringPrintf(query," uni=%s ", nm->name);
 	}
     }
 sr = sqlGetResult(sc,query->string);
 while((row = sqlNextRow(sr)) != NULL)
     {
     sg = sageLoad(row);
     slAddHead(&sgList,sg);
     }
 sqlFreeResult(&sr);
 sqlDisconnect(&sc);
 slReverse(&sgList);
 freeDyString(&query);
 return sgList;
 }
 
 /** load the sage experiment data
  */
 struct sageExp *loadSageExps(char *tableName, struct slName *nmList)
 {
 char *user = cfgOption("db.user");
 char *password = cfgOption("db.password");
 struct sqlConnection *sc = NULL;
 char query[256];
 struct sageExp *seList = NULL, *se=NULL;
 char **row;
 struct sqlResult *sr = NULL;
 char *db = cgiUsualString("db", "hgFixed");
-char *tmp= cloneString("select * from sageExp order by num");
 sc = sqlConnectRemote("localhost", user, password, db);
-sprintf(query,"%s",tmp);
+sqlSafef(query, sizeof query, "select * from sageExp order by num");
 sr = sqlGetResult(sc,query);
 while((row = sqlNextRow(sr)) != NULL)
     {
     se = sageExpLoad(row);
     slAddHead(&seList,se);
     }
-freez(&tmp);
 sqlFreeResult(&sr);
 sqlDisconnect(&sc);
 slReverse(&seList);
 return seList;
 }
 
 /** print usage and quit */
 void usage()
 {
 errAbort("sageVisCGI - create a graph of median sage counts\n"
 	 "usage:\n\t sageVisCGI u=<uniGeneNum> u=<uniGeneNum2> u=<uniGeneNum3> etc. \n");
 }
 
 /** main html generating function for htmShell */
 void doHtml()