Fix out-of-bounds vector access in StructDef::Deserialize

[Noamismach]

Description:
When parsing a binary schema (.bfbs), StructDef::Deserialize allocates the indexes vector based on the number of fields (of.size()). However, it directly uses the parsed id() as the index for assignment without validating if the id is within the allocated bounds.

If a schema contains a field with an id that is greater than or equal to the total number of fields, this results in an out-of-bounds vector write, causing memory corruption or a crash (e.g., catching a heap-buffer-overflow with AddressSanitizer).

This PR adds a simple bounds check to ensure the field_id is strictly less than of.size() before writing to the indexes vector, safely aborting the deserialization if the schema is malformed.

Testing:

• Verified that valid schemas continue to deserialize correctly.
• Confirmed that a malformed schema with an oversized field ID now gracefully returns an error instead of causing an OOB write.

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.