Check size limits on metadata and name set from client. (#2850)

* Send error response when update metadata fails. Keeping it simple for the first implementation. - Send error response only if request_id != 0 - Two kinds of errors notified o does not have permissions - NOT_ALLOWED o attributes exceeds size limits - INVALID_ARGUMENT * Check size limits on metadata and name set from client. Added a name length limit also. * check name length in service update participant path also * limit check in limit config * update protocol * longer keys
2026-03-30 15:35:41 +00:00 · 2024-07-12 09:57:17 +05:30
parent ff66b545b4
commit 09e3aef859
15 changed files with 208 additions and 206 deletions
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -332,6 +332,31 @@ type LimitConfig struct {
 	MaxAttributesSize            uint32 `yaml:"max_attributes_size,omitempty"`
 	MaxRoomNameLength            int    `yaml:"max_room_name_length,omitempty"`
 	MaxParticipantIdentityLength int    `yaml:"max_participant_identity_length,omitempty"`
+	MaxParticipantNameLength     int    `yaml:"max_participant_name_length,omitempty"`
+}
+
+func (l LimitConfig) CheckRoomNameLength(name string) bool {
+	return l.MaxRoomNameLength == 0 || len(name) <= l.MaxRoomNameLength
+}
+
+func (l LimitConfig) CheckParticipantNameLength(name string) bool {
+	return l.MaxParticipantNameLength == 0 || len(name) <= l.MaxParticipantNameLength
+}
+
+func (l LimitConfig) CheckMetadataSize(metadata string) bool {
+	return l.MaxMetadataSize == 0 || uint32(len(metadata)) <= l.MaxMetadataSize
+}
+
+func (l LimitConfig) CheckAttributesSize(attributes map[string]string) bool {
+	if l.MaxAttributesSize == 0 {
+		return true
+	}
+
+	total := 0
+	for k, v := range attributes {
+		total += len(k) + len(v)
+	}
+	return uint32(total) <= l.MaxAttributesSize
 }

 type IngressConfig struct {
@@ -540,6 +565,7 @@ var DefaultConfig = Config{
 		MaxAttributesSize:            64000,
 		MaxRoomNameLength:            256,
 		MaxParticipantIdentityLength: 256,
+		MaxParticipantNameLength:     256,
 	},
 	Logging: LoggingConfig{
 		PionLevel: "error",
--- a/pkg/rtc/errors.go
+++ b/pkg/rtc/errors.go
@@ -31,7 +31,9 @@ var (
 	ErrEmptyParticipantID      = errors.New("participant ID cannot be empty")
 	ErrMissingGrants           = errors.New("VideoGrant is missing")
 	ErrInternalError           = errors.New("internal error")
-	ErrAttributeExceedsLimits  = errors.New("attribute size exceeds limits")
+	ErrNameExceedsLimits       = errors.New("name length exceeds limits")
+	ErrMetadataExceedsLimits   = errors.New("metadata size exceeds limits")
+	ErrAttributesExceedsLimits = errors.New("attributes size exceeds limits")

 	// Track subscription related
 	ErrNoTrackPermission         = errors.New("participant is not allowed to subscribe to this track")
--- a/pkg/rtc/participant.go
+++ b/pkg/rtc/participant.go
@@ -104,6 +104,7 @@ type ParticipantParams struct {
 	Sink                    routing.MessageSink
 	AudioConfig             config.AudioConfig
 	VideoConfig             config.VideoConfig
+	LimitConfig             config.LimitConfig
 	ProtocolVersion         types.ProtocolVersion
 	SessionStartTime        time.Time
 	Telemetry               telemetry.TelemetryService
@@ -136,7 +137,6 @@ type ParticipantParams struct {
 	VersionGenerator             utils.TimedVersionGenerator
 	TrackResolver                types.MediaTrackResolver
 	DisableDynacast              bool
-	MaxAttributesSize            uint32
 	SubscriberAllowPause         bool
 	SubscriptionLimitAudio       int32
 	SubscriptionLimitVideo       int32
@@ -407,6 +407,27 @@ func (p *ParticipantImpl) GetBufferFactory() *buffer.Factory {
 	return p.params.Config.BufferFactory
 }

+// CheckMetadataLimits check if name/metadata/attributes of a participant is within configured limits
+func (p *ParticipantImpl) CheckMetadataLimits(
+	name string,
+	metadata string,
+	attributes map[string]string,
+) error {
+	if !p.params.LimitConfig.CheckParticipantNameLength(name) {
+		return ErrNameExceedsLimits
+	}
+
+	if !p.params.LimitConfig.CheckMetadataSize(metadata) {
+		return ErrMetadataExceedsLimits
+	}
+
+	if !p.params.LimitConfig.CheckAttributesSize(attributes) {
+		return ErrAttributesExceedsLimits
+	}
+
+	return nil
+}
+
 // SetName attaches name to the participant
 func (p *ParticipantImpl) SetName(name string) {
 	p.lock.Lock()
@@ -460,9 +481,9 @@ func (p *ParticipantImpl) SetMetadata(metadata string) {
 	}
 }

-func (p *ParticipantImpl) SetAttributes(attrs map[string]string) error {
+func (p *ParticipantImpl) SetAttributes(attrs map[string]string) {
 	if len(attrs) == 0 {
-		return nil
+		return
 	}
 	p.lock.Lock()
 	grants := p.grants.Load().Clone()
@@ -481,18 +502,6 @@ func (p *ParticipantImpl) SetAttributes(attrs map[string]string) error {
 		delete(grants.Attributes, k)
 	}

-	maxAttributesSize := p.params.MaxAttributesSize
-	if maxAttributesSize > 0 {
-		total := 0
-		for k, v := range grants.Attributes {
-			total += len(k) + len(v)
-		}
-		if uint32(total) > maxAttributesSize {
-			p.lock.Unlock()
-			return ErrAttributeExceedsLimits
-		}
-	}
-
 	p.grants.Store(grants)
 	p.requireBroadcast = true // already checked above
 	p.dirty.Store(true)
@@ -507,7 +516,6 @@ func (p *ParticipantImpl) SetAttributes(attrs map[string]string) error {
 	if onClaimsChanged != nil {
 		onClaimsChanged(p)
 	}
-	return nil
 }

 func (p *ParticipantImpl) ClaimGrants() *auth.ClaimGrants {
--- a/pkg/rtc/room.go
+++ b/pkg/rtc/room.go
@@ -819,26 +819,6 @@ func (r *Room) SetMetadata(metadata string) <-chan struct{} {
 	return r.protoProxy.MarkDirty(true)
 }

-func (r *Room) UpdateParticipantMetadata(
-	participant types.LocalParticipant,
-	name string,
-	metadata string,
-	attributes map[string]string,
-) error {
-	if attributes != nil && len(attributes) > 0 {
-		if err := participant.SetAttributes(attributes); err != nil {
-			return err
-		}
-	}
-	if metadata != "" {
-		participant.SetMetadata(metadata)
-	}
-	if name != "" {
-		participant.SetName(name)
-	}
-	return nil
-}
-
 func (r *Room) sendRoomUpdate() {
 	roomInfo := r.ToProto()
 	// Send update to participants
--- a/pkg/rtc/signalhandler.go
+++ b/pkg/rtc/signalhandler.go
@@ -94,19 +94,37 @@ func HandleParticipantSignal(room types.Room, participant types.LocalParticipant
 	case *livekit.SignalRequest_UpdateMetadata:
 		var errorResponse *livekit.ErrorResponse
 		if participant.ClaimGrants().Video.GetCanUpdateOwnMetadata() {
-			err := room.UpdateParticipantMetadata(
-				participant,
+			if err := participant.CheckMetadataLimits(
 				msg.UpdateMetadata.Name,
 				msg.UpdateMetadata.Metadata,
 				msg.UpdateMetadata.Attributes,
-			)
-			if err != nil {
+			); err == nil {
+				if msg.UpdateMetadata.Name != "" {
+					participant.SetName(msg.UpdateMetadata.Name)
+				}
+				if msg.UpdateMetadata.Metadata != "" {
+					participant.SetMetadata(msg.UpdateMetadata.Metadata)
+				}
+				if msg.UpdateMetadata.Attributes != nil {
+					participant.SetAttributes(msg.UpdateMetadata.Attributes)
+				}
+			} else {
 				pLogger.Warnw("could not update metadata", err)

 				switch err {
-				case ErrAttributeExceedsLimits:
+				case ErrNameExceedsLimits:
 					errorResponse = &livekit.ErrorResponse{
-						Reason:  livekit.ErrorResponse_INVALID_ARGUMENT,
+						Reason:  livekit.ErrorResponse_LIMIT_EXCEEDED,
+						Message: "exceeds name length limit",
+					}
+				case ErrMetadataExceedsLimits:
+					errorResponse = &livekit.ErrorResponse{
+						Reason:  livekit.ErrorResponse_LIMIT_EXCEEDED,
+						Message: "exceeds metadata size limit",
+					}
+				case ErrAttributesExceedsLimits:
+					errorResponse = &livekit.ErrorResponse{
+						Reason:  livekit.ErrorResponse_LIMIT_EXCEEDED,
 						Message: "exceeds attributes size limit",
 					}
 				}
--- a/pkg/rtc/types/interfaces.go
+++ b/pkg/rtc/types/interfaces.go
@@ -328,9 +328,10 @@ type LocalParticipant interface {
 	HandleSignalSourceClose()

 	// updates
+	CheckMetadataLimits(name string, metadata string, attributes map[string]string) error
 	SetName(name string)
 	SetMetadata(metadata string)
-	SetAttributes(attributes map[string]string) error
+	SetAttributes(attributes map[string]string)

 	// permissions
 	ClaimGrants() *auth.ClaimGrants
@@ -441,7 +442,6 @@ type Room interface {
 	SimulateScenario(participant LocalParticipant, scenario *livekit.SimulateScenario) error
 	ResolveMediaTrackForSubscriber(subIdentity livekit.ParticipantIdentity, trackID livekit.TrackID) MediaResolverResult
 	GetLocalParticipants() []LocalParticipant
-	UpdateParticipantMetadata(participant LocalParticipant, name string, metadata string, attributes map[string]string) error
 }

 // MediaTrack represents a media track
--- a/pkg/rtc/types/typesfakes/fake_local_participant.go
+++ b/pkg/rtc/types/typesfakes/fake_local_participant.go
@@ -110,6 +110,19 @@ type FakeLocalParticipant struct {
 	canSubscribeReturnsOnCall map[int]struct {
 		result1 bool
 	}
+	CheckMetadataLimitsStub        func(string, string, map[string]string) error
+	checkMetadataLimitsMutex       sync.RWMutex
+	checkMetadataLimitsArgsForCall []struct {
+		arg1 string
+		arg2 string
+		arg3 map[string]string
+	}
+	checkMetadataLimitsReturns struct {
+		result1 error
+	}
+	checkMetadataLimitsReturnsOnCall map[int]struct {
+		result1 error
+	}
 	ClaimGrantsStub        func() *auth.ClaimGrants
 	claimGrantsMutex       sync.RWMutex
 	claimGrantsArgsForCall []struct {
@@ -744,17 +757,11 @@ type FakeLocalParticipant struct {
 	sendSpeakerUpdateReturnsOnCall map[int]struct {
 		result1 error
 	}
-	SetAttributesStub        func(map[string]string) error
+	SetAttributesStub        func(map[string]string)
 	setAttributesMutex       sync.RWMutex
 	setAttributesArgsForCall []struct {
 		arg1 map[string]string
 	}
-	setAttributesReturns struct {
-		result1 error
-	}
-	setAttributesReturnsOnCall map[int]struct {
-		result1 error
-	}
 	SetICEConfigStub        func(*livekit.ICEConfig)
 	setICEConfigMutex       sync.RWMutex
 	setICEConfigArgsForCall []struct {
@@ -1491,6 +1498,69 @@ func (fake *FakeLocalParticipant) CanSubscribeReturnsOnCall(i int, result1 bool)
 	}{result1}
 }

+func (fake *FakeLocalParticipant) CheckMetadataLimits(arg1 string, arg2 string, arg3 map[string]string) error {
+	fake.checkMetadataLimitsMutex.Lock()
+	ret, specificReturn := fake.checkMetadataLimitsReturnsOnCall[len(fake.checkMetadataLimitsArgsForCall)]
+	fake.checkMetadataLimitsArgsForCall = append(fake.checkMetadataLimitsArgsForCall, struct {
+		arg1 string
+		arg2 string
+		arg3 map[string]string
+	}{arg1, arg2, arg3})
+	stub := fake.CheckMetadataLimitsStub
+	fakeReturns := fake.checkMetadataLimitsReturns
+	fake.recordInvocation("CheckMetadataLimits", []interface{}{arg1, arg2, arg3})
+	fake.checkMetadataLimitsMutex.Unlock()
+	if stub != nil {
+		return stub(arg1, arg2, arg3)
+	}
+	if specificReturn {
+		return ret.result1
+	}
+	return fakeReturns.result1
+}
+
+func (fake *FakeLocalParticipant) CheckMetadataLimitsCallCount() int {
+	fake.checkMetadataLimitsMutex.RLock()
+	defer fake.checkMetadataLimitsMutex.RUnlock()
+	return len(fake.checkMetadataLimitsArgsForCall)
+}
+
+func (fake *FakeLocalParticipant) CheckMetadataLimitsCalls(stub func(string, string, map[string]string) error) {
+	fake.checkMetadataLimitsMutex.Lock()
+	defer fake.checkMetadataLimitsMutex.Unlock()
+	fake.CheckMetadataLimitsStub = stub
+}
+
+func (fake *FakeLocalParticipant) CheckMetadataLimitsArgsForCall(i int) (string, string, map[string]string) {
+	fake.checkMetadataLimitsMutex.RLock()
+	defer fake.checkMetadataLimitsMutex.RUnlock()
+	argsForCall := fake.checkMetadataLimitsArgsForCall[i]
+	return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3
+}
+
+func (fake *FakeLocalParticipant) CheckMetadataLimitsReturns(result1 error) {
+	fake.checkMetadataLimitsMutex.Lock()
+	defer fake.checkMetadataLimitsMutex.Unlock()
+	fake.CheckMetadataLimitsStub = nil
+	fake.checkMetadataLimitsReturns = struct {
+		result1 error
+	}{result1}
+}
+
+func (fake *FakeLocalParticipant) CheckMetadataLimitsReturnsOnCall(i int, result1 error) {
+	fake.checkMetadataLimitsMutex.Lock()
+	defer fake.checkMetadataLimitsMutex.Unlock()
+	fake.CheckMetadataLimitsStub = nil
+	if fake.checkMetadataLimitsReturnsOnCall == nil {
+		fake.checkMetadataLimitsReturnsOnCall = make(map[int]struct {
+			result1 error
+		})
+	}
+	fake.checkMetadataLimitsReturnsOnCall[i] = struct {
+		result1 error
+	}{result1}
+}
+
 func (fake *FakeLocalParticipant) ClaimGrants() *auth.ClaimGrants {
 	fake.claimGrantsMutex.Lock()
 	ret, specificReturn := fake.claimGrantsReturnsOnCall[len(fake.claimGrantsArgsForCall)]
@@ -4964,23 +5034,17 @@ func (fake *FakeLocalParticipant) SendSpeakerUpdateReturnsOnCall(i int, result1
 	}{result1}
 }

-func (fake *FakeLocalParticipant) SetAttributes(arg1 map[string]string) error {
+func (fake *FakeLocalParticipant) SetAttributes(arg1 map[string]string) {
 	fake.setAttributesMutex.Lock()
-	ret, specificReturn := fake.setAttributesReturnsOnCall[len(fake.setAttributesArgsForCall)]
 	fake.setAttributesArgsForCall = append(fake.setAttributesArgsForCall, struct {
 		arg1 map[string]string
 	}{arg1})
 	stub := fake.SetAttributesStub
-	fakeReturns := fake.setAttributesReturns
 	fake.recordInvocation("SetAttributes", []interface{}{arg1})
 	fake.setAttributesMutex.Unlock()
 	if stub != nil {
-		return stub(arg1)
+		fake.SetAttributesStub(arg1)
 	}
-	if specificReturn {
-		return ret.result1
-	}
-	return fakeReturns.result1
 }

 func (fake *FakeLocalParticipant) SetAttributesCallCount() int {
@@ -4989,7 +5053,7 @@ func (fake *FakeLocalParticipant) SetAttributesCallCount() int {
 	return len(fake.setAttributesArgsForCall)
 }

-func (fake *FakeLocalParticipant) SetAttributesCalls(stub func(map[string]string) error) {
+func (fake *FakeLocalParticipant) SetAttributesCalls(stub func(map[string]string)) {
 	fake.setAttributesMutex.Lock()
 	defer fake.setAttributesMutex.Unlock()
 	fake.SetAttributesStub = stub
@@ -5002,29 +5066,6 @@ func (fake *FakeLocalParticipant) SetAttributesArgsForCall(i int) map[string]str
 	return argsForCall.arg1
 }

-func (fake *FakeLocalParticipant) SetAttributesReturns(result1 error) {
-	fake.setAttributesMutex.Lock()
-	defer fake.setAttributesMutex.Unlock()
-	fake.SetAttributesStub = nil
-	fake.setAttributesReturns = struct {
-		result1 error
-	}{result1}
-}
-
-func (fake *FakeLocalParticipant) SetAttributesReturnsOnCall(i int, result1 error) {
-	fake.setAttributesMutex.Lock()
-	defer fake.setAttributesMutex.Unlock()
-	fake.SetAttributesStub = nil
-	if fake.setAttributesReturnsOnCall == nil {
-		fake.setAttributesReturnsOnCall = make(map[int]struct {
-			result1 error
-		})
-	}
-	fake.setAttributesReturnsOnCall[i] = struct {
-		result1 error
-	}{result1}
-}
-
 func (fake *FakeLocalParticipant) SetICEConfig(arg1 *livekit.ICEConfig) {
 	fake.setICEConfigMutex.Lock()
 	fake.setICEConfigArgsForCall = append(fake.setICEConfigArgsForCall, struct {
@@ -6575,6 +6616,8 @@ func (fake *FakeLocalParticipant) Invocations() map[string][][]interface{} {
 	defer fake.canSkipBroadcastMutex.RUnlock()
 	fake.canSubscribeMutex.RLock()
 	defer fake.canSubscribeMutex.RUnlock()
+	fake.checkMetadataLimitsMutex.RLock()
+	defer fake.checkMetadataLimitsMutex.RUnlock()
 	fake.claimGrantsMutex.RLock()
 	defer fake.claimGrantsMutex.RUnlock()
 	fake.closeMutex.RLock()
--- a/pkg/rtc/types/typesfakes/fake_room.go
+++ b/pkg/rtc/types/typesfakes/fake_room.go
@@ -82,20 +82,6 @@ type FakeRoom struct {
 	syncStateReturnsOnCall map[int]struct {
 		result1 error
 	}
-	UpdateParticipantMetadataStub        func(types.LocalParticipant, string, string, map[string]string) error
-	updateParticipantMetadataMutex       sync.RWMutex
-	updateParticipantMetadataArgsForCall []struct {
-		arg1 types.LocalParticipant
-		arg2 string
-		arg3 string
-		arg4 map[string]string
-	}
-	updateParticipantMetadataReturns struct {
-		result1 error
-	}
-	updateParticipantMetadataReturnsOnCall map[int]struct {
-		result1 error
-	}
 	UpdateSubscriptionPermissionStub        func(types.LocalParticipant, *livekit.SubscriptionPermission) error
 	updateSubscriptionPermissionMutex       sync.RWMutex
 	updateSubscriptionPermissionArgsForCall []struct {
@@ -499,70 +485,6 @@ func (fake *FakeRoom) SyncStateReturnsOnCall(i int, result1 error) {
 	}{result1}
 }

-func (fake *FakeRoom) UpdateParticipantMetadata(arg1 types.LocalParticipant, arg2 string, arg3 string, arg4 map[string]string) error {
-	fake.updateParticipantMetadataMutex.Lock()
-	ret, specificReturn := fake.updateParticipantMetadataReturnsOnCall[len(fake.updateParticipantMetadataArgsForCall)]
-	fake.updateParticipantMetadataArgsForCall = append(fake.updateParticipantMetadataArgsForCall, struct {
-		arg1 types.LocalParticipant
-		arg2 string
-		arg3 string
-		arg4 map[string]string
-	}{arg1, arg2, arg3, arg4})
-	stub := fake.UpdateParticipantMetadataStub
-	fakeReturns := fake.updateParticipantMetadataReturns
-	fake.recordInvocation("UpdateParticipantMetadata", []interface{}{arg1, arg2, arg3, arg4})
-	fake.updateParticipantMetadataMutex.Unlock()
-	if stub != nil {
-		return stub(arg1, arg2, arg3, arg4)
-	}
-	if specificReturn {
-		return ret.result1
-	}
-	return fakeReturns.result1
-}
-
-func (fake *FakeRoom) UpdateParticipantMetadataCallCount() int {
-	fake.updateParticipantMetadataMutex.RLock()
-	defer fake.updateParticipantMetadataMutex.RUnlock()
-	return len(fake.updateParticipantMetadataArgsForCall)
-}
-
-func (fake *FakeRoom) UpdateParticipantMetadataCalls(stub func(types.LocalParticipant, string, string, map[string]string) error) {
-	fake.updateParticipantMetadataMutex.Lock()
-	defer fake.updateParticipantMetadataMutex.Unlock()
-	fake.UpdateParticipantMetadataStub = stub
-}
-
-func (fake *FakeRoom) UpdateParticipantMetadataArgsForCall(i int) (types.LocalParticipant, string, string, map[string]string) {
-	fake.updateParticipantMetadataMutex.RLock()
-	defer fake.updateParticipantMetadataMutex.RUnlock()
-	argsForCall := fake.updateParticipantMetadataArgsForCall[i]
-	return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4
-}
-
-func (fake *FakeRoom) UpdateParticipantMetadataReturns(result1 error) {
-	fake.updateParticipantMetadataMutex.Lock()
-	defer fake.updateParticipantMetadataMutex.Unlock()
-	fake.UpdateParticipantMetadataStub = nil
-	fake.updateParticipantMetadataReturns = struct {
-		result1 error
-	}{result1}
-}
-
-func (fake *FakeRoom) UpdateParticipantMetadataReturnsOnCall(i int, result1 error) {
-	fake.updateParticipantMetadataMutex.Lock()
-	defer fake.updateParticipantMetadataMutex.Unlock()
-	fake.UpdateParticipantMetadataStub = nil
-	if fake.updateParticipantMetadataReturnsOnCall == nil {
-		fake.updateParticipantMetadataReturnsOnCall = make(map[int]struct {
-			result1 error
-		})
-	}
-	fake.updateParticipantMetadataReturnsOnCall[i] = struct {
-		result1 error
-	}{result1}
-}
-
 func (fake *FakeRoom) UpdateSubscriptionPermission(arg1 types.LocalParticipant, arg2 *livekit.SubscriptionPermission) error {
 	fake.updateSubscriptionPermissionMutex.Lock()
 	ret, specificReturn := fake.updateSubscriptionPermissionReturnsOnCall[len(fake.updateSubscriptionPermissionArgsForCall)]
@@ -687,8 +609,6 @@ func (fake *FakeRoom) Invocations() map[string][][]interface{} {
 	defer fake.simulateScenarioMutex.RUnlock()
 	fake.syncStateMutex.RLock()
 	defer fake.syncStateMutex.RUnlock()
-	fake.updateParticipantMetadataMutex.RLock()
-	defer fake.updateParticipantMetadataMutex.RUnlock()
 	fake.updateSubscriptionPermissionMutex.RLock()
 	defer fake.updateSubscriptionPermissionMutex.RUnlock()
 	fake.updateSubscriptionsMutex.RLock()
--- a/pkg/service/auth_test.go
+++ b/pkg/service/auth_test.go
@@ -29,7 +29,7 @@ import (

 func TestAuthMiddleware(t *testing.T) {
 	api := "APIabcdefg"
-	secret := "somesecretencodedinbase62"
+	secret := "somesecretencodedinbase62extendto32bytes"
 	provider := &authfakes.FakeKeyProvider{}
 	provider.GetSecretReturns(secret)

--- a/pkg/service/errors.go
+++ b/pkg/service/errors.go
@@ -25,6 +25,7 @@ var (
 	ErrIngressNotConnected              = psrpc.NewErrorf(psrpc.Internal, "ingress not connected (redis required)")
 	ErrIngressNotFound                  = psrpc.NewErrorf(psrpc.NotFound, "ingress does not exist")
 	ErrIngressNonReusable               = psrpc.NewErrorf(psrpc.InvalidArgument, "ingress is not reusable and cannot be modified")
+	ErrNameExceedsLimits                = psrpc.NewErrorf(psrpc.InvalidArgument, "name length exceeds limits")
 	ErrMetadataExceedsLimits            = psrpc.NewErrorf(psrpc.InvalidArgument, "metadata size exceeds limits")
 	ErrAttributeExceedsLimits           = psrpc.NewErrorf(psrpc.InvalidArgument, "attribute size exceeds limits")
 	ErrRoomNameExceedsLimits            = psrpc.NewErrorf(psrpc.InvalidArgument, "room name length exceeds limits")
--- a/pkg/service/roommanager.go
+++ b/pkg/service/roommanager.go
@@ -417,6 +417,7 @@ func (r *RoomManager) StartSession(
 		Sink:                    responseSink,
 		AudioConfig:             r.config.Audio,
 		VideoConfig:             r.config.Video,
+		LimitConfig:             r.config.Limit,
 		ProtocolVersion:         pv,
 		SessionStartTime:        sessionStartTime,
 		Telemetry:               r.telemetry,
@@ -433,7 +434,6 @@ func (r *RoomManager) StartSession(
 		AdaptiveStream:          pi.AdaptiveStream,
 		AllowTCPFallback:        allowFallback,
 		TURNSEnabled:            r.config.IsTURNSEnabled(),
-		MaxAttributesSize:       r.config.Limit.MaxAttributesSize,
 		GetParticipantInfo: func(pID livekit.ParticipantID) *livekit.ParticipantInfo {
 			if p := room.GetParticipantByID(pID); p != nil {
 				return p.ToProto()
@@ -703,7 +703,7 @@ func (r *RoomManager) MutePublishedTrack(ctx context.Context, req *livekit.MuteR
 }

 func (r *RoomManager) UpdateParticipant(ctx context.Context, req *livekit.UpdateParticipantRequest) (*livekit.ParticipantInfo, error) {
-	room, participant, err := r.roomAndParticipantForReq(ctx, req)
+	_, participant, err := r.roomAndParticipantForReq(ctx, req)
 	if err != nil {
 		return nil, err
 	}
@@ -713,10 +713,20 @@ func (r *RoomManager) UpdateParticipant(ctx context.Context, req *livekit.Update
 		"permission", req.Permission,
 		"attributes", req.Attributes,
 	)
-	err = room.UpdateParticipantMetadata(participant, req.Name, req.Metadata, req.Attributes)
-	if err != nil {
+	if err = participant.CheckMetadataLimits(req.Name, req.Metadata, req.Attributes); err != nil {
 		return nil, err
 	}
+
+	if req.Name != "" {
+		participant.SetName(req.Name)
+	}
+	if req.Metadata != "" {
+		participant.SetMetadata(req.Metadata)
+	}
+	if req.Attributes != nil {
+		participant.SetAttributes(req.Attributes)
+	}
+
 	if req.Permission != nil {
 		participant.SetPermission(req.Permission)
 	}
--- a/pkg/service/roomservice.go
+++ b/pkg/service/roomservice.go
@@ -86,8 +86,8 @@ func (s *RoomService) CreateRoom(ctx context.Context, req *livekit.CreateRoomReq
 		return nil, ErrEgressNotConnected
 	}

-	if limit := s.limitConf.MaxRoomNameLength; limit > 0 && len(req.Name) > limit {
-		return nil, fmt.Errorf("%w: max length %d", ErrRoomNameExceedsLimits, limit)
+	if !s.limitConf.CheckRoomNameLength(req.Name) {
+		return nil, fmt.Errorf("%w: max length %d", ErrRoomNameExceedsLimits, s.limitConf.MaxRoomNameLength)
 	}

 	rm, created, err := s.roomAllocator.CreateRoom(ctx, req)
@@ -248,19 +248,17 @@ func (s *RoomService) MutePublishedTrack(ctx context.Context, req *livekit.MuteR

 func (s *RoomService) UpdateParticipant(ctx context.Context, req *livekit.UpdateParticipantRequest) (*livekit.ParticipantInfo, error) {
 	AppendLogFields(ctx, "room", req.Room, "participant", req.Identity)
-	maxMetadataSize := int(s.limitConf.MaxMetadataSize)
-	if maxMetadataSize > 0 && len(req.Metadata) > maxMetadataSize {
-		return nil, twirp.InvalidArgumentError(ErrMetadataExceedsLimits.Error(), strconv.Itoa(maxMetadataSize))
+
+	if !s.limitConf.CheckParticipantNameLength(req.Name) {
+		return nil, twirp.InvalidArgumentError(ErrNameExceedsLimits.Error(), strconv.Itoa(s.limitConf.MaxParticipantNameLength))
 	}
-	maxAttributeSize := int(s.limitConf.MaxAttributesSize)
-	if maxAttributeSize > 0 {
-		total := 0
-		for key, val := range req.Attributes {
-			total += len(key) + len(val)
-		}
-		if total > maxAttributeSize {
-			return nil, twirp.InvalidArgumentError(ErrAttributeExceedsLimits.Error(), strconv.Itoa(maxAttributeSize))
-		}
+
+	if !s.limitConf.CheckMetadataSize(req.Metadata) {
+		return nil, twirp.InvalidArgumentError(ErrMetadataExceedsLimits.Error(), strconv.Itoa(int(s.limitConf.MaxMetadataSize)))
+	}
+
+	if !s.limitConf.CheckAttributesSize(req.Attributes) {
+		return nil, twirp.InvalidArgumentError(ErrAttributeExceedsLimits.Error(), strconv.Itoa(int(s.limitConf.MaxAttributesSize)))
 	}

 	if err := EnsureAdminPermission(ctx, livekit.RoomName(req.Room)); err != nil {