Position Causes Stockfish and Komodo To Crash

[Dann Corbit]

The more secure you make it, the more secure it is.
It is not only the crashes I would fix.
But I use a lot of engines derived from stockfish and I already make about 20 patches with every release.
So instead of doing 20 patches each on ten engines I cleanse the data.

I guess other people do the same thing.

[Ras]

But then you're still advocating for a false sense of security.

No, I'm just doing what is standard best practice in software engineering, as Bob also mentioned. Input validation has been standard practice for decades.

A typical UCI engine can do funny stuff on malicious input. You have to accept that

Bad software engineering isn't acceptable. It's just that, as evidenced in this thread, many engine programmers don't care. I bet these same people would be annoyed if every other piece of software had the same sloppy input handling and would crash - browsers, word processors, spreadsheet calculators, you name it. One bad key stroke and crash.

[Ras]

Also, the argument just doesn't wash that if we can't guarantee perfect security, we don't need to care at all and can be outright sloppy. Just like people do lock their house doors although any door can be opened by a sufficiently equipped and experienced burglar.

[Sesse]

[But then you're still advocating for a false sense of security.

Or perhaps just for increased reliability, which is related to security but not the same.

[syzygy]

But then you're still advocating for a false sense of security.

No, I'm just doing what is standard best practice in software engineering, as Bob also mentioned. Input validation has been standard practice for decades.

A typical UCI engine can do funny stuff on malicious input. You have to accept that

Bad software engineering isn't acceptable. It's just that, as evidenced in this thread, many engine programmers don't care. I bet these same people would be annoyed if every other piece of software had the same sloppy input handling and would crash - browsers, word processors, spreadsheet calculators, you name it. One bad key stroke and crash.

You should by now be aware of the crucial difference.

[syzygy]

Also, the argument just doesn't wash that if we can't guarantee perfect security, we don't need to care at all and can be outright sloppy. Just like people do lock their house doors although any door can be opened by a sufficiently equipped and experienced burglar.

There is no need to lock every door in your house if you can rely on the front door being locked. The doors that are accessible by random people over which you have no control. A UCI engine is not meant to be used as the front door. Using one as your front door anyway is negligent.

Again, UCI was meant to make it as easy as possible to implement a chess engine.

[syzygy]

The more secure you make it, the more secure it is.
It is not only the crashes I would fix.
But I use a lot of engines derived from stockfish and I already make about 20 patches with every release.
So instead of doing 20 patches each on ten engines I cleanse the data.

And that's what you should do because those 20 patches aren't going to make Stockfish safe to operate on untrusted data anyway.

[Dann Corbit]

The more secure you make it, the more secure it is.
It is not only the crashes I would fix.
But I use a lot of engines derived from stockfish and I already make about 20 patches with every release.
So instead of doing 20 patches each on ten engines I cleanse the data.

And that's what you should do because those 20 patches aren't going to make Stockfish safe to operate on untrusted data anyway.

I am not looking for perfect software. Nobody is.
I am simply looking for better software.

A huge percentage of EPD positions are written by humans. Those positions get fed into engines.
Engine writers are some strange sort of fish, who do not want to check the quality of the data.
*shrug*

[Ras]

There is no need to lock every door in your house if you can rely on the front door being locked.

For one's own program, the external interfaces are the house doors. If everyone relies on someone else to catch things, nobody will do that. Also, there are valid reasons why a GUI transmits FENs that not all engines can deal with, like positions with more than 9 queens.

Again, UCI was meant to make it as easy as possible to implement a chess engine.

It was designed as easy protocol - but that is no argument for a sloppy implementation and omitting even basics of good software engineering. I'm not sure where everyone is coming from, but in my environment, that wouldn't pass a professional code review because robustness with inputs is always a general requirement.

[Michel]

A lot of software is designed to be invoked through wrapper programs which present a friendly interface to the user (e.g. a compiler toolchain, or the kernel of a computer algebra system). But no one would accept the underlying "worker" programs to crash when presented with invalid input.

Imagine the Linux kernel crashing after a system call with invalid arguments...