read_unordered can issue redundant flow control credit

[Ralith]

Stream assembly only deduplicates buffered data when the number of buffered frames exceeds a critical threshold. Because read_unordered pulls frames directly out of the buffer and does not keep track of previously-read data, receiving the same stream frame multiple times can lead to arbitrarily large increases in flow control limits. A malicious or buggy peer could leverage this to perform a memory-exhaustion DoS on an application that uses read_unordered.

One approach for a fix is to maintain a RangeSet defining which portions of the stream have not yet been read when using unordered reads, just as the assembler's offset defines that for ordered reads. Redundant data could then be discarded for both flow control and application processing purposes.