Problem
`validateRenderStartPayload` strictly checks the preset against an allowlist (good), but doesn't bound the string length before doing so. A caller can send a megabyte-sized `preset` string; `RENDER_PRESETS.has` short-circuits to `false` but the validator allocates the full buffer first. Similarly, `encode` accepts only exact `"H264" | "H265"` — but "h264" (lowercase) silently fails with a generic message that could be friendlier.
Expected
- Length check (e.g. `<= 32 chars`) before the allowlist check on `preset`.
- Distinct error message when `encode` is a non-canonical string ("h264", "h.264", etc.).
Acceptance
Problem
`validateRenderStartPayload` strictly checks the preset against an allowlist (good), but doesn't bound the string length before doing so. A caller can send a megabyte-sized `preset` string; `RENDER_PRESETS.has` short-circuits to `false` but the validator allocates the full buffer first. Similarly, `encode` accepts only exact `"H264" | "H265"` — but "h264" (lowercase) silently fails with a generic message that could be friendlier.
Expected
Acceptance