From 6c286107c884b4d1ea64913d6d91ca6758de8b9f Mon Sep 17 00:00:00 2001
From: Koen Bollen <meneer@koenbollen.nl>
Date: Wed, 6 Sep 2023 15:05:34 +0200
Subject: [PATCH 1/3] Also check lobbies length in TimeoutPeer store method.

---
 internal/signaling/stores/postgres.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/internal/signaling/stores/postgres.go b/internal/signaling/stores/postgres.go
index fa3a428..fcaf1c8 100644
--- a/internal/signaling/stores/postgres.go
+++ b/internal/signaling/stores/postgres.go
@@ -299,12 +299,18 @@ func (s *PostgresStore) ListLobbies(ctx context.Context, game, filter string) ([
 }
 
 func (s *PostgresStore) TimeoutPeer(ctx context.Context, peerID, secret, gameID string, lobbies []string) error {
-
 	if len(peerID) > 20 {
 		logger := logging.GetLogger(ctx)
 		logger.Warn("peer id too long", zap.String("peerID", peerID))
 		return ErrInvalidPeerID
 	}
+	for _, lobby := range lobbies {
+		if len(lobby) > 20 {
+			logger := logging.GetLogger(ctx)
+			logger.Warn("lobby code too long", zap.String("lobbyCode", lobby))
+			return ErrInvalidLobbyCode
+		}
+	}
 
 	now := util.Now(ctx)
 	_, err := s.DB.Exec(ctx, `

From 7832deccf7bdbc0c78bfb6a9e6ace1ab20f3bca4 Mon Sep 17 00:00:00 2001
From: Koen Bollen <meneer@koenbollen.nl>
Date: Wed, 6 Sep 2023 15:07:54 +0200
Subject: [PATCH 2/3] Also check lobby length on reconnect.

---
 internal/signaling/peer.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/internal/signaling/peer.go b/internal/signaling/peer.go
index 1f3728c..8b380fa 100644
--- a/internal/signaling/peer.go
+++ b/internal/signaling/peer.go
@@ -376,6 +376,9 @@ func (p *Peer) HandleJoinPacket(ctx context.Context, packet JoinPacket) error {
 	if packet.Lobby == "" {
 		return fmt.Errorf("no lobby code supplied")
 	}
+	if len(packet.Lobby) > 20 {
+		return fmt.Errorf("lobby code too long")
+	}
 
 	p.Lobby = packet.Lobby
 

From e56fd505a02f60a3051e8eaaf56e21525d2030ef Mon Sep 17 00:00:00 2001
From: Koen Bollen <meneer@koenbollen.nl>
Date: Wed, 6 Sep 2023 15:09:49 +0200
Subject: [PATCH 3/3] Also change the joining logic a bit in case of a failure.

---
 internal/signaling/peer.go | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/internal/signaling/peer.go b/internal/signaling/peer.go
index 8b380fa..941741c 100644
--- a/internal/signaling/peer.go
+++ b/internal/signaling/peer.go
@@ -380,15 +380,14 @@ func (p *Peer) HandleJoinPacket(ctx context.Context, packet JoinPacket) error {
 		return fmt.Errorf("lobby code too long")
 	}
 
-	p.Lobby = packet.Lobby
-
-	p.store.Subscribe(ctx, p.Game+p.Lobby+p.ID, p.ForwardMessage)
-
-	others, err := p.store.JoinLobby(ctx, p.Game, p.Lobby, p.ID)
+	others, err := p.store.JoinLobby(ctx, p.Game, packet.Lobby, p.ID)
 	if err != nil {
 		return err
 	}
 
+	p.Lobby = packet.Lobby
+	p.store.Subscribe(ctx, p.Game+p.Lobby+p.ID, p.ForwardMessage)
+
 	err = p.Send(ctx, JoinedPacket{
 		RequestID: packet.RequestID,
 		Type:      "joined",