🐛 bug: Improve suffix range normalization

[gaby]

Summary

• clamp oversized suffix range starts using max() for clearer normalization
• consolidate suffix range normalization coverage into ctx_test.go while validating status codes and Content-Range headers for suffix and unsatisfiable requests

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

A bug fix modifies HTTP suffix-range parsing in req.go to clamp negative start positions to 0 when handling range requests like bytes=-N. A comprehensive test suite is added to ctx_test.go validating correct behavior across partial content, full content, and unsatisfiable range scenarios.

Changes

Cohort / File(s)	Summary
Suffix-range parsing fix req.go	Modified DefaultReq.Range to calculate suffix-range start as max(size - end, 0) instead of size - end, clamping negative results to 0
Range suffix normalization test ctx_test.go	Added Test_Ctx_Range_SuffixNormalization with test cases validating suffix-range handling for partial content, full content, oversized suffixes, and 416 unsatisfiable range responses

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Single-line arithmetic change in req.go that clamps suffix-range calculations
• Comprehensive test covering multiple edge cases validates the fix

Possibly related PRs

• 🧹 chore: Use int64 when dealing with HTTP Ranges #3874: Refactors Range parsing to int64 and introduces clamping/validation helpers for similar suffix-range handling improvements
• 🐛 bug: Fix Range() handling of HTTP 416 per RFC 9110 #3552: Implements HTTP 416 response with Content-Range header for unsatisfiable ranges, complementing this suffix-range normalization fix

Suggested labels

☢️ Bug, v3

Suggested reviewers

• sixcolors
• efectn
• ReneWerner87

Poem

🐰 A hoppy hop through bytes gone wrong,
Negative starts now clamp along,
From -N ranges, we subtract with care,
Max of zero keeps us fair,
Tests now bounce with every case! 🌟

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Description check	⚠️ Warning	The PR description is minimal but addresses core changes: suffix range normalization via max() and consolidated test coverage. However, it lacks detail on the problem being solved, impact analysis, and missing all required template sections.	Expand the description to include: the specific issue being fixed (with issue number), detailed explanation of changes, benefits, affected functionality, required checklist items, and type of change classification per the template.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title clearly identifies the main change: suffix range normalization improvement in the Range handling logic with a bug fix designation.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch update-range-handling-and-tests-for-req.go

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @gaby, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a bug in the handling of HTTP range requests, specifically for suffix ranges. The core change ensures that when a requested suffix is larger than the actual content, the calculated start of the range correctly defaults to the beginning of the content (index 0), preventing invalid range calculations. This fix is accompanied by a significant expansion of the test suite, providing robust validation for various suffix range scenarios and their expected HTTP status codes and Content-Range headers, thereby improving the reliability of content delivery for partial requests.

Highlights

• Improved Suffix Range Normalization: The logic for normalizing suffix ranges (e.g., bytes=-20) has been enhanced to correctly handle cases where the requested suffix length is greater than the total content size. The start index is now clamped to 0 using max(size - end, 0) to prevent negative values.
• Expanded Test Coverage for Range Handling: Comprehensive test cases have been added in ctx_test.go to validate the behavior of suffix range normalization. These tests cover scenarios including suffixes smaller than, equal to, and larger than the content size, as well as unsatisfiable mixed ranges, ensuring correct Content-Range headers and HTTP status codes (200 OK, 206 Partial Content, 416 Requested Range Not Satisfiable).

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request correctly fixes a bug in suffix range normalization by ensuring the start of the range is never negative. The fix is simple and effective. The accompanying new test, Test_Ctx_Range_SuffixNormalization, provides good coverage for various suffix range scenarios, including oversized suffixes, which directly validates the fix. I've added one suggestion to improve the maintainability of the new test code by replacing magic numbers with a constant.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.67%. Comparing base (0ca295a) to head (c8dddbe).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3902      +/-   ##
==========================================
+ Coverage   91.65%   91.67%   +0.01%     
==========================================
  Files         119      119              
  Lines       10039    10039              
==========================================
+ Hits         9201     9203       +2     
+ Misses        532      531       -1     
+ Partials      306      305       -1     

Flag	Coverage Δ
unittests	91.67% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This PR improves the handling of HTTP suffix-byte-range requests by clamping negative start values to zero when the requested suffix length exceeds the resource size. This ensures compliance with RFC 7233, which specifies that suffix ranges larger than the resource should return the entire resource rather than causing errors.

• Changed suffix range calculation from start = size - end to start = max(size-end, 0) to prevent negative start values
• Added comprehensive test coverage for suffix range normalization including edge cases (suffix smaller than, equal to, and larger than resource size)
• Validated proper HTTP status codes (206 for partial content, 200 for full content) and Content-Range headers

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
req.go	Improved suffix range normalization by clamping oversized suffix range starts using max() to prevent negative values
ctx_test.go	Added comprehensive test coverage for suffix range normalization scenarios including status codes and Content-Range header validation

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 357a48a and c8dddbe.

📒 Files selected for processing (2)

• ctx_test.go (1 hunks)
• req.go (1 hunks)

🧰 Additional context used

📓 Path-based instructions (2)

**/*.go

📄 CodeRabbit inference engine (AGENTS.md)

Prefer github.com/gofiber/utils/v2 helpers (for example, utils.Trim) when performing common operations such as string manipulation, whenever it is practical and appropriate for the surrounding code

Files:

• req.go
• ctx_test.go

**/*_test.go

📄 CodeRabbit inference engine (AGENTS.md)

When adding Go tests, always invoke t.Parallel() at the start of each test and subtest to maximize concurrency

Files:

• ctx_test.go

🧠 Learnings (2)

📓 Common learnings

Learnt from: gaby
Repo: gofiber/fiber PR: 3170
File: ctx_test.go:1721-1724
Timestamp: 2024-10-16T12:12:30.506Z
Learning: In the Go unit tests in `ctx_test.go`, it is acceptable to use invalid CIDR notation such as `"0.0.0.1/31junk"` for testing purposes.

📚 Learning: 2025-11-26T13:34:08.088Z

Learnt from: CR
Repo: gofiber/fiber PR: 0
File: AGENTS.md:0-0
Timestamp: 2025-11-26T13:34:08.088Z
Learning: Applies to **/*_test.go : When adding Go tests, always invoke `t.Parallel()` at the start of each test and subtest to maximize concurrency

Applied to files:

• ctx_test.go

🧬 Code graph analysis (1)

ctx_test.go (3)

ctx_interface_gen.go (1)

• Ctx (18-432)

constants.go (5)

• HeaderRange (236-236)
• StatusRequestedRangeNotSatisfiable (89-89)
• HeaderContentRange (234-234)
• StatusPartialContent (58-58)
• StatusOK (52-52)

req.go (1)

• Range (19-22)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Agent
• GitHub Check: repeated
• GitHub Check: unit (1.25.x, macos-latest)
• GitHub Check: unit (1.25.x, windows-latest)
• GitHub Check: lint
• GitHub Check: Compare
• GitHub Check: Analyse

🔇 Additional comments (1)

req.go (1)

741-821: Suffix-range clamping looks correct and aligns with HTTP semantics

Using start = max(size-end, 0) for bytes=-N avoids negative starts when N >= size and cleanly normalizes oversized suffixes to the full range [0, size-1], while still relying on the existing guards (start > end || start < 0) and overflow checks in parseBound. This is consistent with the new tests and with how SendFile already behaves for suffix ranges.