core: bound HTTP/3 request header size for DoH3 (#8135)

This PR Set a conservative MaxHeaderBytes value on the DoH3 HTTP/3 server.
This reduces memory exposure from large request headers before requests
reach the DoH handler.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

core/dnsserver/server_https3.go

@@ -26,6 +26,8 @@ import (
 const (
 	// DefaultHTTPS3MaxStreams is the default maximum number of concurrent QUIC streams per connection.
 	DefaultHTTPS3MaxStreams = 256
+	// DefaultHTTPS3MaxHeaderBytes limits HTTP/3 header memory before requests reach the DoH handler.
+	DefaultHTTPS3MaxHeaderBytes = 16 << 10 // 16 KiB
 )
 
 // ServerHTTPS3 represents a DNS-over-HTTP/3 server.
@@ -91,6 +93,7 @@ func NewServerHTTPS3(addr string, group []*Config) (*ServerHTTPS3, error) {
 		TLSConfig:       tlsConfig,
 		EnableDatagrams: true,
 		QUICConfig:      qconf,
+		MaxHeaderBytes:  DefaultHTTPS3MaxHeaderBytes,
 		// Logger: stdlog.New(&loggerAdapter{}, "", 0), TODO: Fix it
 	}
 

core/dnsserver/server_https3_test.go

@@ -152,6 +152,27 @@ func TestNewServerHTTPS3ZeroLimits(t *testing.T) {
 	}
 }
 
+func TestNewServerHTTPS3DefaultMaxHeaderBytes(t *testing.T) {
+	c := Config{
+		Zone:        "example.com.",
+		Transport:   "https3",
+		TLSConfig:   &tls.Config{},
+		ListenHosts: []string{"127.0.0.1"},
+		Port:        "443",
+	}
+
+	server, err := NewServerHTTPS3("127.0.0.1:443", []*Config{&c})
+	if err != nil {
+		t.Fatalf("NewServerHTTPS3() failed: %v", err)
+	}
+
+	if server.httpsServer.MaxHeaderBytes != DefaultHTTPS3MaxHeaderBytes {
+		t.Errorf("expected MaxHeaderBytes = %d, got %d",
+			DefaultHTTPS3MaxHeaderBytes,
+			server.httpsServer.MaxHeaderBytes)
+	}
+}
+
 func testConfigWithTSIGCheckPluginHTTPS3(t *testing.T, check func(*testing.T, error)) *Config {
 	t.Helper()