From c1f9a0d706f3a0e82491a72807fa361ffbb4b9de Mon Sep 17 00:00:00 2001
From: "Steinar H. Gunderson" <sgunderson@bigfoot.com>
Date: Wed, 12 Jul 2023 16:21:55 +0200
Subject: [PATCH] Fix serve-analysis.js crash with our custom chess.js.

---
 server/hash-lookup.js | 126 ++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 120 insertions(+), 6 deletions(-)

diff --git a/server/hash-lookup.js b/server/hash-lookup.js
index 21e722a..e84974c 100644
--- a/server/hash-lookup.js
+++ b/server/hash-lookup.js
@@ -1,5 +1,4 @@
 var grpc = require('@grpc/grpc-js');
-var Chess = require('../www/js/chess.js').Chess;
 
 var PROTO_PATH = __dirname + '/hashprobe.proto';
 var protoLoader = require('@grpc/proto-loader');
@@ -13,7 +12,122 @@ var packageDefinition = protoLoader.loadSync(
     });
 var hashprobe_proto = grpc.loadPackageDefinition(packageDefinition).hashprobe;
 
-var board = new Chess();
+/*
+ * validate_fen() is taken from chess.js, which has this license:
+ *
+ * Copyright (c) 2017, Jeff Hlywa (jhlywa@gmail.com)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ *----------------------------------------------------------------------------*/
+function validate_fen(fen) {
+  var errors = {
+     0: 'No errors.',
+     1: 'FEN string must contain six space-delimited fields.',
+     2: '6th field (move number) must be a positive integer.',
+     3: '5th field (half move counter) must be a non-negative integer.',
+     4: '4th field (en-passant square) is invalid.',
+     5: '3rd field (castling availability) is invalid.',
+     6: '2nd field (side to move) is invalid.',
+     7: '1st field (piece positions) does not contain 8 \'/\'-delimited rows.',
+     8: '1st field (piece positions) is invalid [consecutive numbers].',
+     9: '1st field (piece positions) is invalid [invalid piece].',
+    10: '1st field (piece positions) is invalid [row too large].',
+    11: 'Illegal en-passant square',
+  };
+
+  /* 1st criterion: 6 space-seperated fields? */
+  var tokens = fen.split(/\s+/);
+  if (tokens.length !== 6) {
+    return {valid: false, error_number: 1, error: errors[1]};
+  }
+
+  /* 2nd criterion: move number field is a integer value > 0? */
+  if (isNaN(tokens[5]) || (parseInt(tokens[5], 10) <= 0)) {
+    return {valid: false, error_number: 2, error: errors[2]};
+  }
+
+  /* 3rd criterion: half move counter is an integer >= 0? */
+  if (isNaN(tokens[4]) || (parseInt(tokens[4], 10) < 0)) {
+    return {valid: false, error_number: 3, error: errors[3]};
+  }
+
+  /* 4th criterion: 4th field is a valid e.p.-string? */
+  if (!/^(-|[abcdefgh][36])$/.test(tokens[3])) {
+    return {valid: false, error_number: 4, error: errors[4]};
+  }
+
+  /* 5th criterion: 3th field is a valid castle-string? */
+  if( !/^[C-HK]?[A-FQ]?[c-hk]?[a-fq]?$/.test(tokens[2]) &&
+      tokens[2] !== '-') {
+    return {valid: false, error_number: 5, error: errors[5]};
+  }
+
+  /* 6th criterion: 2nd field is "w" (white) or "b" (black)? */
+  if (!/^(w|b)$/.test(tokens[1])) {
+    return {valid: false, error_number: 6, error: errors[6]};
+  }
+
+  /* 7th criterion: 1st field contains 8 rows? */
+  var rows = tokens[0].split('/');
+  if (rows.length !== 8) {
+    return {valid: false, error_number: 7, error: errors[7]};
+  }
+
+  /* 8th criterion: every row is valid? */
+  for (var i = 0; i < rows.length; i++) {
+    /* check for right sum of fields AND not two numbers in succession */
+    var sum_fields = 0;
+    var previous_was_number = false;
+
+    for (var k = 0; k < rows[i].length; k++) {
+      if (!isNaN(rows[i][k])) {
+        if (previous_was_number) {
+          return {valid: false, error_number: 8, error: errors[8]};
+        }
+        sum_fields += parseInt(rows[i][k], 10);
+        previous_was_number = true;
+      } else {
+        if (!/^[prnbqkPRNBQK]$/.test(rows[i][k])) {
+          return {valid: false, error_number: 9, error: errors[9]};
+        }
+        sum_fields += 1;
+        previous_was_number = false;
+      }
+    }
+    if (sum_fields !== 8) {
+      return {valid: false, error_number: 10, error: errors[10]};
+    }
+  }
+
+  if ((tokens[3][1] == '3' && tokens[1] == 'w') ||
+      (tokens[3][1] == '6' && tokens[1] == 'b')) {
+        return {valid: false, error_number: 11, error: errors[11]};
+  }
+
+  /* everything's okay! */
+  return {valid: true, error_number: 0, error: errors[0]};
+}
 
 var clients = [];
 var current_servers = [];
@@ -41,7 +155,7 @@ var init = function(servers) {
 exports.init = init;
 
 var handle_request = function(fen, response) {
-	if (fen === undefined || fen === null || fen === '' || !board.validate_fen(fen).valid) {
+	if (fen === undefined || fen === null || fen === '' || !validate_fen(fen).valid) {
 		response.writeHead(400, {});
 		response.end();
 		return;
@@ -77,11 +191,11 @@ var handle_response = function(fen, response, probe_responses) {
 	var probe_response = reconcile_responses(probe_responses);
 	var lines = {};
 
-	var root = translate_line(board, fen, probe_response['root']);
+	var root = translate_line(fen, probe_response['root']);
 	for (var i = 0; i < probe_response['line'].length; ++i) {
 		var line = probe_response['line'][i];
 		var pretty_move = line['move']['pretty'];
-		lines[pretty_move] = translate_line(board, fen, line);
+		lines[pretty_move] = translate_line(fen, line);
 	}
 
 	var text = JSON.stringify({
@@ -150,7 +264,7 @@ var reconcile_moves = function(a, b) {
 	}
 }	
 
-var translate_line = function(board, fen, line) {
+var translate_line = function(fen, line) {
 	var r = {};
 
 	if (line['move'] && line['move']['pretty']) {
-- 
2.39.2