From c836b94cc4886227e16a6356d7826c7607009ec4 Mon Sep 17 00:00:00 2001
From: Vadim Zeitlin
Date: Tue, 29 Oct 2019 19:01:48 +0100
Subject: [PATCH] Fix buffer read overflow in ZIP-64 loading code

Don't even try to parse the ZIP-64 header if there is not enough data in the file. Credit to OSS-Fuzz: this solves its issue 16250.
---
 src/common/zipstrm.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/common/zipstrm.cpp b/src/common/zipstrm.cpp
index cd72d411d7..e77f37411b 100644
--- a/src/common/zipstrm.cpp
+++ b/src/common/zipstrm.cpp
@@ -1542,6 +1542,8 @@ bool wxZipEndRec::Read(wxInputStream& stream, wxMBConv& conv)
 if (stream.SeekI(z64EndOffset) == wxInvalidOffset)
 return false;
 wxZipHeader dsEnd(stream, Z64_END_SIZE);
+ if ( !dsEnd )
+ return false;
 if ( dsEnd.Read32() != Z64_END_MAGIC ||
 dsEnd.Read64() < Z64_END_SIZE - 12 ) // Check record size
 return false;
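Review bot: The added `if ( !dsEnd ) return false;` guards only this one `wxZipHeader` in `wxZipEndRec::Read`. The commit message attributes the read overflow to parsing a header when the file holds too little data, so any other `wxZipHeader h(stream, SIZE)` in zipstrm.cpp that goes straight to `Read32()`/`Read64()` would presumably be exposed the same way; those call sites are outside this hunk and should be audited for the same check. The guard also deserves a one-line comment such as `// Short read: header buffer is incomplete, don't parse it.` so that a later cleanup does not drop it as redundant with the magic check that follows. The diffstat shows only zipstrm.cpp changing, so a regression test that loads an archive with a truncated ZIP-64 end record would keep the OSS-Fuzz case covered. The function body starts and ends outside the hunk.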