src/hg/hgc/rnaFoldClick.c ab0b162f0b880aa7dce8cd25b840957b1bfa9656

ab0b162f0b880aa7dce8cd25b840957b1bfa9656
galt
  Wed Jun 1 00:58:03 2022 -0700
Fixing NOSQLINJv2, using safe functions for extraWhere for hExtendedChromQuery in hgc/rnaFoldClick.c. refs #29274

diff --git src/hg/hgc/rnaFoldClick.c src/hg/hgc/rnaFoldClick.c
index 03f928e..e792152 100644
--- src/hg/hgc/rnaFoldClick.c
+++ src/hg/hgc/rnaFoldClick.c
@@ -502,31 +502,31 @@
 char **row;
 int  rowOffset = 0;
 char *mafTrack = trackDbSetting(tdb, "mafTrack");
 int start = cartInt(cart, "o");
 struct mafAli *maf = NULL;
 char option[128];
 char *speciesOrder = NULL;
 boolean hasConf = sqlColumnExists(conn, table, "conf");
 
 /* print header */
 genericHeader(tdb, itemName);
 /* printRfamUrl(itemName); */
 genericBedClick(conn, tdb, itemName, start, 6);
 
 /* get the rnaSecStr and maf from db */
-sprintf(extraWhere, "chromStart = %d and name = '%s'", start, itemName);
+sqlSafef(extraWhere, sizeof extraWhere, "chromStart = %d and name = '%s'", start, itemName);
 sr   = hExtendedChromQuery(conn, table, seqName, extraWhere,  FALSE, NULL, &rowOffset);
 row  = sqlNextRow(sr);
 if (hasConf)
     item = rnaSecStrLoadConf(row + rowOffset);
 else
     item = rnaSecStrLoad(row + rowOffset);
 if (mafTrack)
     {
     htmlHorizontalLine();
     maf  = mafFromRnaSecStrItem(mafTrack, item);
 
     /* order maf by species */
     safef(option, sizeof(option), "%s.speciesOrder", tdb->track);
     speciesOrder = cartUsualString(cart, option, NULL);
     if (speciesOrder == NULL)