Re: [PATCH] module: procfs: fix signed integer overflow in module_total_size()

Next message: Doug Anderson: "Re: [PATCH 2/4] drivers/firmware: add SDEI cross-CPU NMI service for arm64"
Previous message: Doug Anderson: "Re: [PATCH 1/4] firmware: arm_sdei: add SDEI_EVENT_SIGNAL support"
In reply to: Naveen Kumar Chaudhary: "[PATCH] module: procfs: fix signed integer overflow in module_total_size()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sami Tolvanen

Date: Fri Jun 05 2026 - 16:52:45 EST

On Wed, Jun 03, 2026 at 09:54:11PM +0530, Naveen Kumar Chaudhary wrote:
> module_total_size() accumulates unsigned section sizes into a signed int
> before returning as unsigned int. If the total exceeds INT_MAX, this is
> signed integer overflow.

This doesn't sound accurate to me. The compiler performs an implicit
type conversion, but there's no signed integer overflow:

https://godbolt.org/z/hzGrYMsPW

> Change the accumulator to unsigned int to match the return type.
>
> Signed-off-by: Naveen Kumar Chaudhary <naveen.osdev@xxxxxxxxx>
> ---
> kernel/module/procfs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/module/procfs.c b/kernel/module/procfs.c
> index 0a4841e88adb..90712aa9dd13 100644
> --- a/kernel/module/procfs.c
> +++ b/kernel/module/procfs.c
> @@ -64,7 +64,7 @@ static void m_stop(struct seq_file *m, void *p)
>
> static unsigned int module_total_size(struct module *mod)
> {
> - int size = 0;
> + unsigned int size = 0;

While there's no behavioral difference, using unsigned int seems like
good hygiene. With the commit message corrected:

Reviewed-by: Sami Tolvanen <samitolvanen@xxxxxxxxxx>

Sami