From b08e80502075863c9a144baf205827ed7f02414e Mon Sep 17 00:00:00 2001
From: Elad <18193363+elad335@users.noreply.github.com>
Date: Sun, 31 May 2026 16:45:11 +0300
Subject: [PATCH] PPU Analyser: Fix possible infinite loop

Because of possible overflow.
---
 rpcs3/Emu/Cell/PPUAnalyser.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rpcs3/Emu/Cell/PPUAnalyser.cpp b/rpcs3/Emu/Cell/PPUAnalyser.cpp
index 783ed9e477..608e213ab6 100644
--- a/rpcs3/Emu/Cell/PPUAnalyser.cpp
+++ b/rpcs3/Emu/Cell/PPUAnalyser.cpp
@@ -1191,7 +1191,7 @@ bool ppu_module<lv2_obj>::analyse(u32 lib_toc, u32 entry, const u32 sec_end, con
 			continue;
 		}
 
-		vm::cptr<void> sec_end = vm::cast(sec.addr + sec.size);
+		vm::cptr<u32> sec_end = vm::cast(sec.addr + sec.size);
 
 		// Probe
 		for (vm::cptr<u32> _ptr = vm::cast(sec.addr); _ptr < sec_end;)
@@ -1212,7 +1212,7 @@ bool ppu_module<lv2_obj>::analyse(u32 lib_toc, u32 entry, const u32 sec_end, con
 				break;
 			}
 
-			if (size % 4 || size < 0x10 || _ptr + size / 4 > sec_end)
+			if (size % 4 || size < 0x10 || static_cast<u32>(sec_end - _ptr) < size / 4)
 			{
 				sec_end.set(0);
 				break;