Enforce 8KB sanity limit on chunk headers

Author: ashtum

include/boost/beast/http/impl/basic_parser.ipp

@@ -613,6 +613,11 @@ parse_chunk_header(char const*& in,
         return;
     if(! eol)
     {
+        if(n + skip_ >= 8192)
+        {
+            BOOST_BEAST_ASSIGN_EC(ec, error::bad_chunk_extension);
+            return;
+        }
         BOOST_BEAST_ASSIGN_EC(ec, error::need_more);
         if(p != pend)
             skip_ = pend - p - 1;

test/beast/http/basic_parser.cpp

@@ -946,6 +946,22 @@ class basic_parser_test : public beast::unit_test::suite
             p.put(b.data(), ec);
             BEAST_EXPECTS(ec == error::body_limit, ec.message());
         }
+        {
+            multi_buffer b;
+            ostream(b) <<
+                "POST / HTTP/1.1\r\n"
+                "Transfer-Encoding: chunked\r\n"
+                "\r\n"
+                "1;" << std::string(8192 - 3, 'x');
+            error_code ec;
+            test_parser<true> p;
+            p.eager(true);
+            b.consume(p.put(b.data(), ec));
+            BEAST_EXPECTS(ec == error::need_more, ec.message());
+            ostream(b) << 'x';
+            b.consume(p.put(b.data(), ec));
+            BEAST_EXPECTS(ec == error::bad_chunk_extension, ec.message());
+        }
     }
 
     //--------------------------------------------------------------------------