9347e8dbe261da242e07497d64570bfe142b5930
hiram
  Tue Apr 30 18:24:54 2019 -0700
do not allow arbitrary garbage to get in via PATH_INFO refs #18869

diff --git src/hg/hubApi/hubApi.c src/hg/hubApi/hubApi.c
index fa0b20f..8933c99 100644
--- src/hg/hubApi/hubApi.c
+++ src/hg/hubApi/hubApi.c
@@ -956,32 +956,32 @@
 apiFunctionHash = hashNew(0);
 hashAdd(apiFunctionHash, "list", &apiList);
 hashAdd(apiFunctionHash, "getData", &apiGetData);
 }
 
 static struct hashEl *parsePathInfo(char *pathInfo, char *words[MAX_PATH_INFO])
 /* given a pathInfo string: /command/subCommand/etc...
  *  parse that and return a function pointer and the parsed words
  * Returns NULL if not recognized
  */
 {
 char *tmp = cloneString(pathInfo);
 /* skip the first leading slash to simplify chopByChar parsing */
 tmp += 1;
 int wordCount = chopByChar(tmp, '/', words, MAX_PATH_INFO);
-if (wordCount < 1)
-    return NULL;
+if (wordCount < 1 || wordCount > 2)
+    return NULL;	/* only 2 words allowed */
 
 struct hashEl *hel = hashLookup(apiFunctionHash, words[0]);
 return hel;
 }
 
 static void tracksForUcscDb(char *db)
 /* scan the specified database for all tracks */
 {
 struct hash *countTracks = hashNew(0);
 char *chromName = NULL;
 int chromCount = 0;
 unsigned chromSize = largestChrom(db, &chromName, &chromCount);
 char countString[64];
 sprintLongWithCommas(countString, chromCount);
 char sizeString[64];
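Review bot: The unconditional `tmp += 1` in parsePathInfo still runs ahead of the new word-count check, so an empty PATH_INFO makes chopByChar start reading one byte past the cloned string's terminator, and a value without a leading slash silently loses its first character. Whether the caller already rejects those inputs is not visible in this hunk; a guard before the clone, `if (pathInfo == NULL || pathInfo[0] != '/') return NULL;`, would make the parser safe on its own. The added `wordCount > 2` test limits only the number of segments, and it can only fire if MAX_PATH_INFO (defined outside the hunk) is larger than 2. The text of words[1] is still client-controlled and should be validated or escaped wherever it is later used or echoed. tracksForUcscDb at the end of the hunk continues outside it.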