Skip to content

Fix integer underflow in try_range_response for empty files #3566

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 22, 2025
Merged

Fix integer underflow in try_range_response for empty files #3566

merged 2 commits into from
Nov 22, 2025
+61 −7

Conversation

@Darksonn
Copy link
Contributor

@Darksonn Darksonn commented Nov 19, 2025

Thanks to @mufeedvh for reporting this bug.

@Darksonn Darksonn force-pushed the underflow-try-range-response branch from 430699d to d5b43a3 Compare November 19, 2025 18:27
@seanmonstar
Copy link
Member

seanmonstar commented Nov 19, 2025

Just to add a note from spec:

For a GET request, a valid bytes range-spec is satisfiable if it is either:

  • an int-range with a first-pos that is less than the current length of the selected representation

So, with a file of 0 bytes, the first-pos of 0 is not less than the length, and thus is now rejected.

@yanns
Copy link
Collaborator

yanns commented Nov 19, 2025

From CI:

error: the borrowed expression implements the required traits
   --> axum-extra/src/response/file_stream.rs:615:34
    |
615 |         std::fs::write(filename, &[]).unwrap();
    |                                  ^^^ help: change this to: `[]`

@Darksonn Darksonn force-pushed the underflow-try-range-response branch from d5b43a3 to 4d568ab Compare November 19, 2025 21:30
@Darksonn
Copy link
Contributor Author

Darksonn commented Nov 19, 2025

Fixed thanks.

jplatte
jplatte reviewed Nov 20, 2025
View reviewed changes
@Darksonn Darksonn force-pushed the underflow-try-range-response branch from f86bcea to 24c5b86 Compare November 21, 2025 15:36
darth-raijin
darth-raijin reviewed Nov 22, 2025
View reviewed changes
Copy link
Contributor

@darth-raijin darth-raijin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small question, feel free to ignore it was meant as food for thought

axum-extra/src/response/file_stream.rs
let total_size = metadata.len();

if total_size == 0 {
return Ok((StatusCode::RANGE_NOT_SATISFIABLE, "Range Not Satisfiable").into_response());
Copy link
Contributor

@darth-raijin darth-raijin Nov 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question:
I noticed that the error body "Range Not Satisfiable" is hard-coded directly into the response. Would it make sense to extract this into a shared constant so tests can assert on the exact same value?

Having the literal inline makes tests fragile, since they need to duplicate the exact string. If the message ever changes, that could also unintentionally break consumers relying on the current wording or cause test drift.

In particular, there are two branches in this PR that both return StatusCode::RANGE_NOT_SATISFIABLE. It might be useful if the test also asserted on the error body, to ensure the StatusCode::RANGE_NOT_SATISFIABLE comes from the branch in file_stream.rs with the expected response body, and not the test branch.

@jplatte jplatte merged commit 601d775 into main Nov 22, 2025
18 checks passed
@jplatte jplatte deleted the underflow-try-range-response branch November 22, 2025 19:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martin-g martin-g martin-g left review comments

@seanmonstar seanmonstar seanmonstar approved these changes

@yanns yanns yanns approved these changes

@jplatte jplatte jplatte approved these changes

+1 more reviewer

@darth-raijin darth-raijin darth-raijin left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@Darksonn @seanmonstar @yanns @martin-g @jplatte @darth-raijin