diff --git a/mqttpacket.cpp b/mqttpacket.cpp
index 93f7886..f529ef3 100644
--- a/mqttpacket.cpp
+++ b/mqttpacket.cpp
@@ -334,7 +334,15 @@ void MqttPacket::handleSubscribe()
     {
         uint16_t topicLength = readTwoBytesToUInt16();
         std::string topic(readBytes(topicLength), topicLength);
+
+        if (topic.empty() || !isValidUtf8(topic))
+            throw ProtocolError("Subscribe topic not valid UTF-8.");
+
         char qos = readByte();
+
+        if (qos > 2)
+            throw ProtocolError("QoS is greater than 2, and/or reserved bytes in QoS field are not 0.");
+
         logger->logf(LOG_INFO, "Client '%s' subscribed to '%s'", sender->repr().c_str(), topic.c_str());
         sender->getThreadData()->getSubscriptionStore()->addSubscription(sender, topic, qos);
         subs_reponse_codes.push_back(qos);
diff --git a/session.cpp b/session.cpp
index d74b2ce..1864073 100644
--- a/session.cpp
+++ b/session.cpp
@@ -33,6 +33,8 @@ void Session::assignActiveConnection(std::shared_ptr<Client> &client)
 
 void Session::writePacket(const MqttPacket &packet, char max_qos)
 {
+    assert(max_qos <= 2);
+
     if (thread->authPlugin.aclCheck(client_id, username, packet.getTopic(), AclAccess::read) == AuthResult::success)
     {
         const char qos = std::min<char>(packet.getQos(), max_qos);