[chaotic-good] Fix frame fuzzer error. (#34794)

The frame fuzzer constructs random bytes and a frame header to test
serialization and deserialization. There are error cases where the frame
header isn't constructed correctly and isn't aligned with the serialized
bytes. Added checks in the frame header parser, and the serializer now
initializes the frame header's flags and header/trailer length.

<!--

If you know who should review your pull request, please assign it to
that
person, otherwise the pull request would get assigned randomly.

If your pull request is for a specific language, please add the
appropriate
lang label.

-->
pull/34831/head
nanahpang 1 year ago committed by GitHub
parent c2f49c2d3b
commit 248ce57f30
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      src/core/ext/transport/chaotic_good/frame.cc
  2. 6
      src/core/ext/transport/chaotic_good/frame_header.cc

@ -50,6 +50,10 @@ class FrameSerializer {
public:
explicit FrameSerializer(FrameHeader header) : header_(header) {
output_.AppendIndexed(kZeroSlice->Copy());
// Initialize header flags, header_length, trailer_length to 0.
header_.flags.SetAll(false);
header_.header_length = 0;
header_.trailer_length = 0;
}
// If called, must be called before AddTrailers, Finish.
SliceBuffer& AddHeaders() {
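Review bot: The comment added above `header_.flags.SetAll(false);` restates the three assignments but does not say why caller-supplied values are discarded. The constructor takes a full FrameHeader by value, so a caller (the fuzzer, for instance) can pass non-zero flags or lengths and have them silently dropped. I would document that, e.g. `// Ignore caller-supplied flags/lengths: they must describe only what this serializer appends, or the emitted header can disagree with the payload.` Presumably AddHeaders/AddTrailers/Finish fill these fields in afterwards, but their bodies are outside the hunk, so confirm before wording the comment that way.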

@ -60,9 +60,15 @@ absl::StatusOr<FrameHeader> FrameHeader::Parse(const uint8_t* data) {
header.flags = BitSet<2>::FromInt(flags);
header.stream_id = ReadLittleEndianUint32(data + 4);
header.header_length = ReadLittleEndianUint32(data + 8);
if (header.flags.is_set(0) && header.header_length <= 0) {
return absl::InvalidArgumentError("Invalid header length");
}
header.message_length = ReadLittleEndianUint32(data + 12);
header.message_padding = ReadLittleEndianUint32(data + 16);
header.trailer_length = ReadLittleEndianUint32(data + 20);
if (header.flags.is_set(1) && header.trailer_length <= 0) {
return absl::InvalidArgumentError("Invalid trailer length");
}
return header;
}
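Review bot: The two new checks in FrameHeader::Parse reject a set flag with a zero length, but in the visible lines the reverse mismatch (flag clear, non-zero `header_length` or `trailer_length`) still parses successfully, and `message_length` / `message_padding` are accepted without any check. These bytes come from the peer, so a header whose flags and lengths disagree can reach whatever code sizes its reads from them. Unless that is rejected elsewhere, add the symmetric guard, e.g. `if (!header.flags.is_set(0) && header.header_length != 0) return absl::InvalidArgumentError("Invalid header length");`, and likewise for bit 1 and `trailer_length`. The fields are assigned from ReadLittleEndianUint32, so if they are unsigned, `<= 0` can only mean `== 0`, and writing `== 0` states the intent. The start of Parse, including how `flags` is read and validated, is outside the hunk.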
