Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service
Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException / ProtocolException failure path. This can crash services that decode untrusted protobuf payloads and only handle Wire's documented checked decoding failures.