080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/synMap/createSlamParaSpec.c src/hg/synMap/createSlamParaSpec.c
index f03f9ff..c9e8e8d 100644
--- src/hg/synMap/createSlamParaSpec.c
+++ src/hg/synMap/createSlamParaSpec.c
@@ -24,31 +24,31 @@
 {
 char buff[512];
 if(strstr(chrom, "chr") != NULL)
     snprintf(buff, sizeof(buff), "%s:%u-%u", chrom, start, end);
 else
     snprintf(buff, sizeof(buff), "chr%s:%u-%u", chrom, start, end);
 return cloneString(buff);
 }
 
 void makeSubDirs(char *db)
 /* create a subdir for each chrom in database */
 {
 struct sqlConnection *conn = NULL;
 struct sqlResult *sr = NULL;
 char **row;
-char *query = "select chrom from chromInfo";
+char *query = "NOSQLINJ select chrom from chromInfo";
 hSetDb(db);
 conn = hAllocConn();
 sr = sqlGetResult(conn, query);
 while((row = sqlNextRow(sr)) != NULL)
     {
     mkdir(row[0], 1);
     chmod(row[0],0777);
     }
 mkdir("log", 1);
 chmod("log",0777);
 sqlFreeResult(&sr);
 hFreeConn(&conn);
 }