kernel/module/procfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
module_total_size() accumulates unsigned section sizes into a signed int
before returning as unsigned int. If the total exceeds INT_MAX, this is
signed integer overflow.
Change the accumulator to unsigned int to match the return type.
Signed-off-by: Naveen Kumar Chaudhary <naveen.osdev@gmail.com>
---
kernel/module/procfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/module/procfs.c b/kernel/module/procfs.c
index 0a4841e88adb..90712aa9dd13 100644
--- a/kernel/module/procfs.c
+++ b/kernel/module/procfs.c
@@ -64,7 +64,7 @@ static void m_stop(struct seq_file *m, void *p)
static unsigned int module_total_size(struct module *mod)
{
- int size = 0;
+ unsigned int size = 0;
for_each_mod_mem_type(type)
size += mod->mem[type].size;
--
2.43.0On Wed, Jun 03, 2026 at 09:54:11PM +0530, Naveen Kumar Chaudhary wrote:
> module_total_size() accumulates unsigned section sizes into a signed int
> before returning as unsigned int. If the total exceeds INT_MAX, this is
> signed integer overflow.
This doesn't sound accurate to me. The compiler performs an implicit
type conversion, but there's no signed integer overflow:
https://godbolt.org/z/hzGrYMsPW
> Change the accumulator to unsigned int to match the return type.
>
> Signed-off-by: Naveen Kumar Chaudhary <naveen.osdev@gmail.com>
> ---
> kernel/module/procfs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/module/procfs.c b/kernel/module/procfs.c
> index 0a4841e88adb..90712aa9dd13 100644
> --- a/kernel/module/procfs.c
> +++ b/kernel/module/procfs.c
> @@ -64,7 +64,7 @@ static void m_stop(struct seq_file *m, void *p)
>
> static unsigned int module_total_size(struct module *mod)
> {
> - int size = 0;
> + unsigned int size = 0;
While there's no behavioral difference, using unsigned int seems like
good hygiene. With the commit message corrected:
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Sami
© 2016 - 2026 Red Hat, Inc.