[7.4] 54e2462bd http2_hpack: Enforce http_req_hdr_len limit

Dridi Boukelmoune dridi.boukelmoune at gmail.com
Thu Apr 4 14:30:10 UTC 2024


commit 54e2462bd9bb12bddc86822aff38f4788bd3f009
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date:   Thu Mar 28 15:21:01 2024 +0100

    http2_hpack: Enforce http_req_hdr_len limit
    
    Refs #3709

diff --git a/bin/varnishd/http2/cache_http2_hpack.c b/bin/varnishd/http2/cache_http2_hpack.c
index 531c50307..b47dba507 100644
--- a/bin/varnishd/http2/cache_http2_hpack.c
+++ b/bin/varnishd/http2/cache_http2_hpack.c
@@ -161,7 +161,7 @@ h2h_addhdr(struct http *hp, struct h2h_decode *d)
 	disallow_empty = 0;
 	has_dup = 0;
 
-	if (Tlen(hdr) > UINT_MAX) {	/* XXX: cache_param max header size */
+	if (Tlen(hdr) > cache_param->http_req_hdr_len) {
 		VSLb(hp->vsl, SLT_BogoHeader, "Header too large: %.20s", hdr.b);
 		return (H2SE_ENHANCE_YOUR_CALM);
 	}
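Review bot: The `XXX` comment is dropped from the length check in `h2h_addhdr` with nothing left to say what `Tlen(hdr)` measures. The accompanying test rejects a 40-byte URL under a 40b limit, which suggests the length covers the whole decoded field rather than the value alone. A one-line comment above the `if` would make that explicit, e.g. `/* hdr spans the decoded field name and value; http_req_hdr_len bounds both */`, with the wording confirmed against how `hdr` is built earlier in the function. It is also worth checking that the return type of `Tlen()` and the type of `http_req_hdr_len` compare without a sign conversion. This is a per-field bound only, and whether the aggregate size of a header block is limited cannot be seen here, since the function starts and ends outside the hunk.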
diff --git a/bin/varnishtest/tests/r03709.vtc b/bin/varnishtest/tests/r03709.vtc
new file mode 100644
index 000000000..7439efba3
--- /dev/null
+++ b/bin/varnishtest/tests/r03709.vtc
@@ -0,0 +1,21 @@
+varnishtest "h2 req limits"
+
+varnish v1 -cliok "param.set feature +http2"
+varnish v1 -cliok "param.set http_req_hdr_len 40b"
+varnish v1 -vcl {
+	backend be none;
+} -start
+
+logexpect l1 -v v1 -g raw -q BogoHeader {
+	expect 0 1001 BogoHeader "Header too large: :path"
+} -start
+
+client c1 {
+	stream next {
+		txreq -url ${string,repeat,4,/123456789}
+		rxrst
+		expect rst.err == ENHANCE_YOUR_CALM
+	} -run
+} -run
+
+logexpect l1 -wait
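Review bot: The test covers only the rejection path, and only for the `:path` pseudo-header, so it does not show that a field under the limit is still accepted or that a regular header is bounded by the same parameter. A second stream in `client c1` that sends an over-long regular header, e.g. `txreq -hdr x-long ${string,repeat,4,/123456789}` followed by the same `rxrst` and `expect rst.err == ENHANCE_YOUR_CALM`, would pin the second case. A stream with a short URL that expects a response instead of a reset would guard against the limit rejecting everything. The exact status to expect with `backend be none` should be confirmed before asserting on it.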

