pub_soft/rdkit
3
0
Fork 0
mirror of https://github.com/rdkit/rdkit.git synced 2026-06-03 21:44:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

Vulnerability fixes

Browse Source
This commit is contained in:
James Thompson
2024-12-17 15:26:41 +00:00
parent e640915d4e
commit 63123278ca
3 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Code/GraphMol/FileParsers/MolFileParser.cpp
View File

@@ -151,6 +151,17 @@ std::string getV3000Line(std::istream *inStream, unsigned int &line) {
++line;
auto inl = getLine(inStream);
std::string_view tempStr = inl;
// Reject any non-ascii characters.
if (std::any_of(tempStr.begin(), tempStr.end(), [](char c) {
return static_cast<unsigned char>(c) > 127;
})) {
std::ostringstream errout;
errout << "Invalid character found in data stream when parsing V3000 line: "
<< tempStr;
throw MolFileUnhandledFeatureException(errout.str());
}
if (tempStr.size() < 7 || tempStr.substr(0, 7) != "M V30 ") {
std::ostringstream errout;
errout << "Line " << line << " does not start with 'M V30 '" << std::endl;

10
Code/GraphMol/FileParsers/MolSGroupParsing.cpp
View File

@@ -1132,7 +1132,17 @@ void ParseV3000ParseLabel(const std::string &label,
} else if (label == "PARENT") {
// Store relationship until all SGroups have been read
unsigned int parentIdx;
if (lineStream.eof()) {
std::ostringstream errout;
errout << "PARENT label not found on line " << line;
throw FileParseException(errout.str());
}
lineStream >> parentIdx;
if (lineStream.fail()) {
std::ostringstream errout;
errout << "Invalid PARENT label found on line " << line;
throw FileParseException(errout.str());
}
sgroup.setProp<unsigned int>("PARENT", parentIdx);
} else if (label == "COMPNO") {
unsigned int compno;

16
Code/GraphMol/SmilesParse/CXSmilesOps.cpp
View File

@@ -736,6 +736,10 @@ bool parse_data_sgroup(Iterator &first, Iterator last, RDKit::RWMol &mol,
}
++first;
if (first >= last) {
return false;
}
parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "FIELDNAME");
// FIX:
@@ -743,12 +747,24 @@ bool parse_data_sgroup(Iterator &first, Iterator last, RDKit::RWMol &mol,
sgroup.setProp("FIELDDISP", " 0.0000 0.0000 DR ALL 0 0");
}
if (first >= last) {
return false;
}
parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "DATAFIELDS", true);
if (first >= last) {
return false;
}
parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "QUERYOP");
if (first >= last) {
return false;
}
parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "FIELDINFO");
if (first >= last) {
return false;
}
parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "FIELDTAG");
if (first < last && *first == '(') {