From 940ffc20b8332f19f3974bf258018306afdbd421 Mon Sep 17 00:00:00 2001
From: Alex Karle <alex@karle.co>
Date: Fri, 3 Apr 2020 23:13:18 -0400
Subject: [PATCH] Euchre::Dealer: Validate seat number from client

Bad things happen if you take a seat > 3. Assumptions were made...
---
 lib/Euchre/Dealer.pm | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/Euchre/Dealer.pm b/lib/Euchre/Dealer.pm
index 51663de..ce78a02 100644
--- a/lib/Euchre/Dealer.pm
+++ b/lib/Euchre/Dealer.pm
@@ -154,6 +154,11 @@ sub take_seat {
     my $game = $p->{game};
     my $seat = $msg->{seat};
 
+    if ($seat > 3 || $seat < 0) {
+        send_error($p, 'Invalid seat');
+        return;
+    }
+
     if (defined $game->{players}->[$seat]) {
         send_error($p, 'Seat is taken');
     } else {
--
libgit2 1.1.1