Upstream: limit response header field sizes for HTTP/2 and gRPC
HTTP/2 and gRPC upstream response header parsing used the HPACK string
length to allocate header name and value buffers. The length was not
checked against the configured upstream buffer size before allocation.
A malicious upstream could force nginx to allocate excessive
request-pool memory before the header was rejected.
Reject oversized HTTP/2 header name and value lengths before allocation.
Also keep a per-header-block limit based on the upstream buffer size, so
a header block cannot consume unbounded memory across fields.