From 1c642ed8baef0d90a0d85f36dc3651a86c62a73f Mon Sep 17 00:00:00 2001
From: Cedric Vandendriessche <cedric.vddriessche@telenet.be>
Date: Thu, 28 Mar 2024 11:48:25 +0100
Subject: [PATCH] Parse entire HTTP chunk size #396

Continue parsing HTTP chunk size up until Int.MaxValue so the actual
size of the chunk can be logged if it exceeds the configured max chunk
size.
---
 .../http/impl/engine/parsing/HttpMessageParser.scala     | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/http-core/src/main/scala/org/apache/pekko/http/impl/engine/parsing/HttpMessageParser.scala b/http-core/src/main/scala/org/apache/pekko/http/impl/engine/parsing/HttpMessageParser.scala
index ea7edccaf..6d919b2de 100644
--- a/http-core/src/main/scala/org/apache/pekko/http/impl/engine/parsing/HttpMessageParser.scala
+++ b/http-core/src/main/scala/org/apache/pekko/http/impl/engine/parsing/HttpMessageParser.scala
@@ -307,17 +307,20 @@ private[http] trait HttpMessageParser[Output >: MessageOutput <: ParserOutput] {
         s"HTTP chunk extension length exceeds configured limit of ${settings.maxChunkExtLength} characters")
 
     @tailrec def parseSize(cursor: Int, size: Long): StateResult =
-      if (size <= settings.maxChunkSize) {
+      if (size <= Int.MaxValue) {
         byteChar(input, cursor) match {
           case c if CharacterClasses.HEXDIG(c) => parseSize(cursor + 1, size * 16 + CharUtils.hexValue(c))
-          case ';' if cursor > offset          => parseChunkExtensions(size.toInt, cursor + 1)()
+          case c if size > settings.maxChunkSize =>
+            failEntityStream(
+              s"HTTP chunk of $size bytes exceeds the configured limit of ${settings.maxChunkSize} bytes")
+          case ';' if cursor > offset => parseChunkExtensions(size.toInt, cursor + 1)()
           case '\r' if cursor > offset && byteChar(input, cursor + 1) == '\n' =>
             parseChunkBody(size.toInt, "", cursor + 2)
           case '\n' if cursor > offset      => parseChunkBody(size.toInt, "", cursor + 1)
           case c if CharacterClasses.WSP(c) => parseSize(cursor + 1, size) // illegal according to the spec but can happen, see issue #1812
           case c                            => failEntityStream(s"Illegal character '${escape(c)}' in chunk start")
         }
-      } else failEntityStream(s"HTTP chunk size exceeds the configured limit of ${settings.maxChunkSize} bytes")
+      } else failEntityStream(s"HTTP chunk size exceeds ${Int.MaxValue} bytes")
 
     try parseSize(offset, 0)
     catch {