http_inspector cannot handle valid HTTP inspection that requires >8192 bytes to resolve

[howardjohn]

If you are reporting any crash or any potential security issue, do not
open an issue in this repo. Please report the issue via emailing
envoy-security@googlegroups.com where the issue will be triaged appropriately.

Title: http_inspector cannot handle valid HTTP inspection that requires >8192 bytes to resolve

Description:
We discovered an issue in the http_inspector where requests that are valid HTTP but exceed 8192 bytes cause the filter execution to hang.

You can see we will hit this code path at which point we have stopped iteration, but we are also at the max size we are willing to read.

Contrast this to the TLS Inspector code which dynamically changes how much it will read.

Repro steps:
Send a request with an >8192 byte url. I used the query param, not sure it matters

[kyessenov]

CC @briansonnenberg since you were looking into hardening the extension.

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

[github-actions]

This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.

[howardjohn]

Can this be reopened?

[briansonnenberg]

Go ahead and assign it to me, I'll take a look. @kyessenov