Im woundering if this code is vulnerable for XSS attacks?

Javascript function:
Code:
function viewImage(i) {
	img = document.getElementById("largesize");
	img.src = i.src;
}
and the call to the function in the code:
Code:
<img src="photos/image1.jpg" onclick="viewImage(this)">
<img src="photos/image2.jpg" onclick="viewImage(this)">
etc

Is it somehow possible to call the function with other values than the one in the code and enter malicious code?

Is it safer or unsafer to call the function like this instead?
Code:
<a href="javascript:viewImage('photos/image1.jpg');"><img src="photos/image1.jpg"></a>
The image is showed here after the call:
Code:
<img src="photos/image1.jpg" id="largesize">