Fix body int overflow issues in packetbeat HTTP parser, linter fixes

[fearful-symmetry]

Proposed commit message

A small PR that fixes a handful of integer overflow issues in the packetbeat HTTP parser.

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works. Where relevant, I have used the stresstest.sh script to run them under stress conditions and race detector to verify their stability.
• I have added an entry in ./changelog/fragments using the changelog tool.

[github-actions]

🤖 GitHub comments

Just comment with:

• run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

[mergify]

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @fearful-symmetry? 🙏.
For such, you'll need to label your PR with:

• The upcoming major version of the Elastic Stack
• The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[Copilot]

Pull request overview

This PR addresses integer overflow vulnerabilities in the packetbeat HTTP parser by adding validation checks before type conversions to uint64 and uint16. It also includes linter fixes that standardize error message formatting to lowercase.

Changes:

• Added overflow checks for status codes, body sizes, and chunk sizes before converting to unsigned integer types
• Standardized error messages to use lowercase formatting per linting conventions
• Added a changelog fragment documenting the bug fix

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
packetbeat/protos/http/http_parser.go	Added integer overflow validation checks and standardized error message casing
changelog/fragments/1769534243-add-int-checks-to-http-parser.yaml	Added changelog entry documenting the HTTP parser integer overflow bug fixes

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[elasticmachine]

Pinging @elastic/sec-linux-platform (Team:Security-Linux Platform)

[github-actions]

@Mergifyio backport 8.19 9.2 9.3

[mergify]

backport 8.19 9.2 9.3

✅ Backports have been created

Details

• #48612 [8.19](backport #48563) Fix body int overflow issues in packetbeat HTTP parser, linter fixes has been created for branch 8.19
• #48613 [9.2](backport #48563) Fix body int overflow issues in packetbeat HTTP parser, linter fixes has been created for branch 9.2
• #48614 [9.3](backport #48563) Fix body int overflow issues in packetbeat HTTP parser, linter fixes has been created for branch 9.3