Why i am getting this error message
Show older comments
function pushbutton1_Callback(hObject, eventdata, handles)
% hObject handle to pushbutton1 (see GCBO)
% eventdata reserved - to be defined in a future version of MATLAB
% handles structure with handles and user data (see GUIDATA)
clc
s =str2double(get(handles.edit1,'string'));
in =str2double(get(handles.edit2,'string'));
en =str2double(get(handles.edit3,'string'));
t=s:in:en;
y=eval(get(handles.edit4,'string')); %line 181
figure(1)
plot(t,y)
title('Actual graph')
x=0;
y1 = zeros(1,(length(t)-1));
for i=1:(length(t)-1)
x=x+(y(1,i+1)*in);
y1(1,i)=x;
end
t1=s:in:(en-in);
figure(2)
plot(t1,y1)
title('After Intregation')
1 Comment
Christopher Wallace
on 25 Jul 2018
What is on line 181?
Please reformat the code in the question. It isn't possible to see where the lines end.
Accepted Answer
OCDER
on 25 Jul 2018
The error you're getting is probably caused by an invalid/empty string in handles.edit4. And DON'T use eval, esepecially in a GUI's editable text!
y = eval('')
Error: This statement is incomplete.
y = eval(get(handles.edit4,'string')); %DON'T USE EVAL! Security Risk!
% What if handles.edit4.string = 'delete(every_file)' ? You'll lose a lot of files!
What are you "evaluating"? Give us an example and we'll provide a safer and faster alternative to eval.
8 Comments
Robiul Ferdous
on 25 Jul 2018
Walter Roberson
on 25 Jul 2018
str2func() instead of eval() . This still leaves security risks though, so ideally you should validate that the expression is well formed and not a risk before you str2func()
Try something like this instead of that eval line.
FullStr = get(handles.edit4, 'string'); %EX: sin(2*pi*t)
FuncStr = FullStr(1:find(FullStr == '(', 1)-1);
SafeStr = {'sin', 'cos', 'tan'}; %Select function names you are okay with
if ~ismember(FuncStr, SafeStr)
fprintf('"%s" is not a valid function. These are: ', FuncStr);
fprintf(' "%s" ', SafeStr{:});
fprintf('\n');
return %ends your callback function early
end
FuncHdl = str2func(['@(t) ' FullStr]);
try
y = FuncHdl(t);
catch
disp('Something is wrong with this function handle:')
disp(FuncHdl);
return
end
Walter Roberson
on 25 Jul 2018
Edited: Walter Roberson
on 25 Jul 2018
Perhaps
FuncStrs = regexp(FullStr, '\w+(?=\()', 'match');
if ~all(ismember(FuncStrs, SafeStr))
as this should allow for a mix of functions such as sin(3*x)-cos(x/pi)
Thanks Walter, that's much more robust. And here's one more security check, in case someone uses a string like:
FullStr = 'sin(mkdir(''test''),t)'; %Sneaky security bypass
and if you cannot list every safe string possible.
UnsafeStr = {'delete', 'rmdir', 'mkdir', 'movefile', 'copyfile'};
if contains(FullStr, UnsafeStr)
fprintf('Detected an unsafe string! Cannot have: \n');
fprintf(' "%s" ', UnsafeStr{:});
fprintf('\n');
return
end
There might be safer ways...
Walter Roberson
on 25 Jul 2018
My suggestion already handles the nested calls
The rule for computer security is to never count on blacklists, as someone might find a clever way of encoding around the blacklist. For example systems that checked input text for ` specifically often failed to check percent encoding %60 or unicode %u0060 or HTML entities `
OCDER
on 25 Jul 2018
I see. This clears up the blacklist vs whitelist approach. The other issue was what if the whitelist wasn't so obvious or is large? EX:
tanh(t) + sech(t) + ... more trig func
One way to get a larger whitelist would be:
SafeStr = arrayfun(@(x) strrep(x.name, '.m', ''), dir(fullfile(ctfroot, 'toolbox', 'matlab', 'elfun', '*.m')), 'un', 0)
Now more functions for trig are valid.
Walter Roberson
on 25 Jul 2018
Interesting approach.
Though this does accidentally bring in the script 'Contents' (which is effectively just a help file script.)
More Answers (1)
Robiul Ferdous
on 26 Jul 2018
0 votes
1 Comment
OCDER
on 26 Jul 2018
The Answer is reserved for answer to your original question. If this is a new error and new question, post a new question. Otherwise, no one will try to respond here as an Answer was already accepted.
Post full error message in you new question post. Read this:
Categories
Find more on Variables in Help Center and File Exchange
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!
