Merge branch 'vuln_fix' of https://github.com/thomp-j/rdkit_vuln into vuln_fix

Code/GraphMol/FileParsers/MolFileParser.cpp

@@ -151,6 +151,17 @@ std::string getV3000Line(std::istream *inStream, unsigned int &line) {
   ++line;
   auto inl = getLine(inStream);
   std::string_view tempStr = inl;
+
+  // Reject any non-ascii characters.
+  if (std::any_of(tempStr.begin(), tempStr.end(), [](char c) {
+    return static_cast<unsigned char>(c) > 127;
+    })) {
+    std::ostringstream errout;
+    errout << "Invalid character found in data stream when parsing V3000 line: "
+           << tempStr;
+    throw MolFileUnhandledFeatureException(errout.str());
+  }
+  
   if (tempStr.size() < 7 || tempStr.substr(0, 7) != "M  V30 ") {
     std::ostringstream errout;
     errout << "Line " << line << " does not start with 'M  V30 '" << std::endl;

Code/GraphMol/SmilesParse/CXSmilesOps.cpp

@@ -737,6 +737,10 @@ bool parse_data_sgroup(Iterator &first, Iterator last, RDKit::RWMol &mol,
   }
   ++first;
 
+  if (first >= last) {
+    return false;
+  }
+  
   parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "FIELDNAME");
 
   // FIX:
@@ -744,12 +748,21 @@ bool parse_data_sgroup(Iterator &first, Iterator last, RDKit::RWMol &mol,
     sgroup.setProp("FIELDDISP", "    0.0000    0.0000    DR    ALL  0       0");
   }
 
+  if (first >= last) {
+    return false;
+  }
   parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "DATAFIELDS", true);
-  
+
   parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "QUERYOP");
 
+  if (first >= last) {
+    return false;
+  }
   parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "FIELDINFO");
 
+  if (first >= last) {
+    return false;
+  }
   parse_data_sgroup_attr(first, last, sgroup, keepSGroup, "FIELDTAG");
 
   if (first < last && *first == '(') {