ppc_aes_gcm_crypt: integer truncation for inputs >2GB #30381
Closed
Labels
branch: 3.3, branch: 3.4, branch: 3.5, branch: 3.6, branch: 4.0, branch: master, triaged: bug
Description
In ppc_aes_gcm_crypt(), the assembly functions ppc_aes_gcm_encrypt/ppc_aes_gcm_decrypt are declared as returning size_t (64-bit on PPC64) in include/crypto/aes_platform.h:85-90. However, their return values are stored in int s (line 47) and accumulated in int ndone (line 48), both 32-bit signed.
```c
int s = 0;     // 32-bit signed — should be size_t
int ndone = 0; // 32-bit signed — should be size_t
// ...
s = encrypt ? ppc_aes_gcm_encrypt(in, out, len, key, ivec, Xi)  // returns size_t
            : ppc_aes_gcm_decrypt(in, out, len, key, ivec, Xi); // returns size_t
ndone += s;
return ndone;  // implicit int → size_t conversion
```

While the primary EVP entrypoints take length as an int (and therefore can't overflow this), EVP_Cipher() takes length as an unsigned int and therefore can.
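An added example, not OpenSSL code and not part of the original issue: a stand-alone C model of the pattern described above, showing the value that comes back when a 64-bit count passes through `int` temporaries. `stub_gcm_bulk`, `crypt_with_int`, `crypt_with_wide` and the sample lengths are hypothetical, and `uint64_t` stands in for the 64-bit `size_t` of PPC64.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the assembly routine: reports the number of
 * bytes "processed" without touching memory. uint64_t models size_t on PPC64. */
static uint64_t stub_gcm_bulk(uint64_t len)
{
    return len;
}

/* Pattern from the issue: 32-bit signed temporaries hold a 64-bit count. */
static uint64_t crypt_with_int(uint64_t len)
{
    int s = 0;
    int ndone = 0;

    s = stub_gcm_bulk(len); /* narrowing: implementation-defined above INT_MAX */
    ndone += s;
    return ndone;           /* a negative int sign-extends to 64 bits */
}

/* Same flow with temporaries as wide as the return type. */
static uint64_t crypt_with_wide(uint64_t len)
{
    uint64_t s = 0;
    uint64_t ndone = 0;

    s = stub_gcm_bulk(len);
    ndone += s;
    return ndone;
}

/* Constructed lengths: one below INT_MAX and two above it, all within the
 * unsigned int range that the issue says EVP_Cipher() accepts. */
static const uint64_t sample_lens[] = { 0x7FFFFFF0u, 0x90000000u, 0xFFFFFFF0u };

int main(void)
{
    for (size_t i = 0; i < sizeof(sample_lens) / sizeof(sample_lens[0]); i++) {
        uint64_t len = sample_lens[i];
        printf("len=0x%llx  int temporaries=0x%llx  wide temporaries=0x%llx\n",
               (unsigned long long)len,
               (unsigned long long)crypt_with_int(len),
               (unsigned long long)crypt_with_wide(len));
    }
    return 0;
}
```

The narrowed values shown are what GCC and Clang produce for the implementation-defined conversion. Both compilers report the narrowing assignment when the file is built with `-Wconversion`.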