080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/oneShot/tabTable/tabTable.c src/oneShot/tabTable/tabTable.c
index be2b46e..f0ee0e5 100644
--- src/oneShot/tabTable/tabTable.c
+++ src/oneShot/tabTable/tabTable.c
@@ -18,31 +18,31 @@
 int lastField;
 int sep;
 int i;
 struct dyString *ds = newDyString(256);
 
 if (argc < 4)
     {
     errAbort("tabTable - creates a tab-delimited version of mySql table\n"
              "usage\n"
 	     "    tabTable database table output [start] [end]");
     }
 database = argv[1];
 table = argv[2];
 outName = argv[3];
 conn = sqlConnect(database);
-dyStringPrintf(ds, "select * from %s", table);
+sqlDyStringPrintf(ds, "select * from %s", table);
 if (argc > 4)
     dyStringPrintf(ds, " where id >= %s", argv[4]);
 if (argc > 5)
     dyStringPrintf(ds, " and id < %s", argv[5]);
 sr = sqlGetResult(conn, ds->string);
 out = mustOpen(outName, "w");
 fieldCount = sqlFieldCount(sr);
 lastField = fieldCount-1;
 while ((row = sqlNextRow(sr)) != NULL)
     {
     if (--mod <= 0)
 	{
 	cumTotal += modSize;
 	printf("Processing row %d\n", cumTotal);
 	mod = modSize;