Buffconn should buffer upto maxHeaderBytes to avoid ErrBufferFull #7017

Merged
merged 1 commit into from Dec 23, 2018

Member

@harshavardhana harshavardhana commented Dec 21, 2018

Description

Buffconn should buffer up to maxHeaderBytes to avoid ErrBufferFull

Motivation and Context

It can happen with erroneous clients which do not send Host:
header until 4k worth of header bytes has been read. This can lead
to Peek() method of bufio to fail with ErrBufferFull.

To avoid this we should make sure that Peek buffer is as large as
our maxHeaderBytes count.

Regression

No

How Has This Been Tested?

https://play.golang.org/p/COImHdhMj-J here is an example code to reproduce a version of this issue.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// This is an example to show why getMethodResourceHost() might fail
// in certain situations when the Host header is sent by the client
// a few bytes later. https://github.com/minio/minio/blob/master/cmd/http/listener.go#L98
func main() {
	s := strings.NewReader(`
GET / HTTP/1.1
User-Agent: Minio (linux; amd64) minio-go/v6.0.8 mc/2018-12-18T08:29:42Z
Authorization: AWS4-HMAC-SHA256 Credential=minio/20181221/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=b5b57aa78845123d6b23d70b296920c784ef1b593de6ad9108011ba986764fb3
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181221T211952Z
Host: localhost:9000`)

	// Buffer is only 16 bytes.
	r := bufio.NewReaderSize(s, 16)

	// The loop runs up to 512 (standing in for the max header bytes), so as
	// soon as we Peek beyond the 16-byte buffer the following code panics
	// with bufio.ErrBufferFull. It is possible that the "Host:" header
	// actually arrives last, up to 'maxHeaderBytes' into the request.
	for count := 1; count < 512; count++ {
		token, err := r.Peek(count)
		if err != nil {
			panic(err)
		}
		fmt.Printf("Token: %q\n", token)
	}
}
```

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added unit tests to cover my changes.
  • I have added/updated functional tests in mint. (If yes, add mint PR # here: )
  • All new and existing tests passed.

It can happen with erroneous clients which do not send `Host:`
header until 4k worth of header bytes have been read. This can lead
to Peek() method of bufio to fail with ErrBufferFull.

To avoid this we should make sure that Peek buffer is as large as
our maxHeaderBytes count.
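
The following is an added example, not code from this pull request or from MinIO: it peeks for a late `Host:` header with an undersized buffer and with one sized to the header limit, and stops at that limit instead of reading without bound. The names `peekHost`, `lateHostRequest` and `errNoHost`, and the 4096 value for `maxHeaderBytes`, are assumptions for the sketch.

```go
package main

import (
	"bufio"
	"bytes"
	"errors"
	"fmt"
	"io"
	"strings"
)

const maxHeaderBytes = 4096 // assumed limit for this sketch
var errNoHost = errors.New("no Host header within maxHeaderBytes")

// peekHost widens a Peek window (consuming nothing) until a Host line is complete.
func peekHost(src io.Reader, bufSize int) (string, error) {
	r := bufio.NewReaderSize(src, bufSize)
	for n := 1; n <= maxHeaderBytes; n++ {
		b, err := r.Peek(n)
		if err != nil {
			return "", err // bufio.ErrBufferFull once n exceeds bufSize
		}
		if !bytes.HasSuffix(b, []byte("\r\n")) {
			continue
		}
		line := b[:len(b)-2] // isolate the header line that just ended
		line = line[bytes.LastIndexByte(line, '\n')+1:]
		if len(line) == 0 {
			return "", errNoHost // blank line: headers ended without Host
		}
		if len(line) > 5 && strings.EqualFold(string(line[:5]), "host:") {
			return strings.TrimSpace(string(line[5:])), nil
		}
	}
	return "", errNoHost // bounded: never peeks past maxHeaderBytes
}

// lateHostRequest is constructed sample input: Host arrives after pad filler bytes.
func lateHostRequest(pad int) string {
	return "GET / HTTP/1.1\r\nX-Filler: " + strings.Repeat("a", pad) + "\r\nHost: localhost:9000\r\n\r\n"
}

func main() {
	for _, size := range []int{512, maxHeaderBytes} {
		host, err := peekHost(strings.NewReader(lateHostRequest(600)), size)
		fmt.Printf("buffer=%d host=%q err=%v\n", size, host, err)
	}
}
```

With a 512-byte buffer the scan fails with `bufio.ErrBufferFull` before the `Host:` line is visible; with the buffer sized to `maxHeaderBytes` the same request parses, and a request whose headers exceed the limit is rejected with `errNoHost`.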

codecov bot commented Dec 21, 2018

Codecov Report

Merging #7017 into master will increase coverage by 0.27%.
The diff coverage is 100%.

```diff
@@            Coverage Diff             @@
##           master    #7017      +/-   ##
==========================================
+ Coverage   51.54%   51.81%   +0.27%     
==========================================
  Files         261      271      +10     
  Lines       32981    43183   +10202     
==========================================
+ Hits        17000    22376    +5376     
- Misses      13977    18799    +4822     
- Partials     2004     2008       +4
```

| Impacted Files | Coverage Δ |
|---|---|
| cmd/http/bufconn.go | 86.95% <100%> (-1.94%) ⬇️ |
| cmd/http/listener.go | 81.25% <100%> (+1.46%) ⬆️ |
| cmd/http/conn_bug_21133.go | 66.66% <0%> (-8.34%) ⬇️ |
| cmd/gateway-main.go | 15.6% <0%> (-7.28%) ⬇️ |
| main.go | 50% <0%> (-7.15%) ⬇️ |
| pkg/madmin/utils.go | 16.66% <0%> (-7.15%) ⬇️ |
| cmd/globals.go | 56.52% <0%> (-7.12%) ⬇️ |
| cmd/auth-handler.go | 67.89% <0%> (-6.01%) ⬇️ |
| cmd/lock-rpc-server.go | 30.76% <0%> (-6%) ⬇️ |
| cmd/service.go | 21.42% <0%> (-5.85%) ⬇️ |

... and 240 more

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6320229...7a83e48. Read the comment docs.

@minio-ops

Mint Automation

| Test | Result |
|---|---|
| mint-tls.sh | ✔️ |
| mint-compression-xl.sh | ✔️ |
| mint-xl.sh | ✔️ |
| mint-large-bucket.sh | ✔️ |
| mint-compression-fs.sh | ✔️ |
| mint-worm.sh | ✔️ |
| mint-fs.sh | ✔️ |
| mint-dist-xl.sh | ✔️ |

@nitisht nitisht merged commit a536cf5 into minio:master Dec 23, 2018
@harshavardhana harshavardhana deleted the fix-listeners branch December 23, 2018 06:44
richardkiene pushed a commit to richardkiene/minio that referenced this pull request Jan 2, 2019
…nio#7017)

It can happen with erroneous clients which do not send `Host:`
header until 4k worth of header bytes have been read. This can lead
to Peek() method of bufio to fail with ErrBufferFull.

To avoid this we should make sure that Peek buffer is as large as
our maxHeaderBytes count.