Position Causes Stockfish and Komodo To Crash

[Sesse]

Where do the security boundaries lie? That is where you need to check.

Well, here's a related question: My chess site allows users to probe a running Stockfish' hash for fairly arbitrary positions. I would like to verify the FENs in the frontend, to make sure Stockfish does not crash on them. How should I go about this?

[brianr]

Where do the security boundaries lie? That is where you need to check.

Well, here's a related question: My chess site allows users to probe a running Stockfish' hash for fairly arbitrary positions. I would like to verify the FENs in the frontend, to make sure Stockfish does not crash on them. How should I go about this?

Maybe this would work:
https://github.com/jhlywa/chess.js#validate_fenfen

[Sesse]

Maybe this would work:
https://github.com/jhlywa/chess.js#validate_fenfen

It's nowhere near it, no. IIRC, it's even marked as “this is hopelessly wrong and needs a rewrite”, although I can't recall where.

Edit: https://github.com/jhlywa/chess.js/blob ... ss.js#L267

[Fulvio]

a related question: My chess site allows users to probe a running Stockfish' hash for fairly arbitrary positions. I would like to verify the FENs in the frontend, to make sure Stockfish does not crash on them. How should I go about this?

Do what the other chess sites did:
https://lichess.org/forum/lichess-feedb ... ter?page=1

Lichess is open source and you can use their code, but any other PGN reader will also do the job.

[Fulvio]

So, if you abandon your crusade about the only proper and right way,

There is a right way and a wrong way here - which is why input validation has been standard practice in software engineering for decades. Except apparently some chess engine programmers, people have gotten that message.

Nope, engineering is about specs not magic.
The CPU of your computer requires a valid input voltage: you can input an invalid voltage and fry the chip. Are they bad engineers or it is your fault?
The CPU was designed to be used with a motherboard including a voltage regulator, which was designed to be used with a PSU including a fuse, which can be used with a UPS. And in the end you get the magic black box intended for the end user.
Good engineering is not about right and wrong, good or evil; it is about building things that works as expected.

[Michel]

Good engineering is not about right and wrong, good or evil; it is about building things that works as expected.

Exactly. And regardless of what you say, people do not expect software to crash on invalid input, except in some very specific circumstances.

Do you think ld should be allowed to crash when confronted with an unknown file format?

[Fulvio]

Good engineering is not about right and wrong, good or evil; it is about building things that works as expected.

Exactly. And regardless of what you say, people do not expect software to crash on invalid input, except in some very specific circumstances.

People?
The product should meet the specifications for which it was designed.
You can buy a hammer and keep complaining as much as you want that it doesn't work as you expected with screws.
Not very useful, but if it makes you feel better...
Or you can use it the way it was designed, with nails, and buy a screwdriver otherwise.

[Sesse]

Do what the other chess sites did:
https://lichess.org/forum/lichess-feedb ... ter?page=1

Lichess is open source and you can use their code, but any other PGN reader will also do the job.

It also appears to be rudimentary, e.g. doesn't test if both sides are in check:

https://github.com/ornicar/scalachess/b ... scala#L172

[Michel]

Good engineering is not about right and wrong, good or evil; it is about building things that works as expected.

Exactly. And regardless of what you say, people do not expect software to crash on invalid input, except in some very specific circumstances.

People?
The product should meet the specifications for which it was designed.
You can buy a hammer and keep complaining as much as you want that it doesn't work as you expected with screws.
Not very useful, but if it makes you feel better...
Or you can use it the way it was designed, with nails, and buy a screwdriver otherwise.

You have not answered my question. I repeat. Do you think it would be ok for ld to crash when encountering an unknown file format? A simple yes or no is sufficient.

[syzygy]

Maybe I am wrong, but I think if someone introduced a patch that caught bogus FENs and it showed it to have a negligible impact on performance, it would be implemented in master. However, I myself am too lazy to implement and test such a patch so it's hard to argue that anyone else should.

It would almost certainly have no measurable impact on performance (just a few extra cycles for the position command). But I don't expect it to be accepted.

UCI doesn't provide for a good way to deal with illegal fens, so GUIs also wouldn't know how to deal with an engine that "rejects" fens in its own peculiar way. By the design of UCI, it is the GUI that should check.

Of course one could argue that the engine should simply exit(EXIT_FAILURE) on illegal input.