rapidyaml assigning out-of-bound id values to new nodes #396

Open
allanleal opened this issue Nov 27, 2023 · 0 comments

allanleal commented Nov 27, 2023

Hello, thanks for developing this library. I would like to report a potential issue, demonstrated with the following example:

```cpp
#include <cassert>
#include <ryml.hpp>

int main(int argc, char const *argv[])
{
    ryml::Tree tree;

    auto rootnode = tree.rootref();

    rootnode |= ryml::SEQ;
    rootnode[0] << 1;
    rootnode[1] << 2;
    rootnode[2] << 3;
    rootnode[3] << 4;

    int A, B, C, D;
    rootnode[0] >> A;
    rootnode[1] >> B;
    rootnode[2] >> C;
    rootnode[3] >> D;

    assert(A == 1);
    assert(B == 2);
    assert(C == 3);
    assert(D == 4);

    rootnode.clear();
    rootnode |= ryml::SEQ;

    rootnode.append_child() << 10;
    rootnode.append_child() << 20;

    rootnode[0] >> A;
    rootnode[1] >> B;

    assert(A == 10);
    assert(B == 20);

    rootnode.clear();
    rootnode |= ryml::SEQ;

    size_t iA = rootnode.append_child().id(); // Wrong id value here, iA = 3 while tree.m_size is 2
    size_t iB = rootnode.append_child().id();

    tree.ref(iA) << 11;  // An out-of-bound access error happens here
    tree.ref(iB) << 22;

    rootnode[0] >> A;
    rootnode[1] >> B;

    assert(A == 11);
    assert(B == 22);

    return 0;
}
```

As pointed out above, the line of code:

```cpp
size_t iA = rootnode.append_child().id();
```

produces a node with an id `iA` that is out of bounds with respect to the tree size. When using the `Tree::ref` method with such an id, an error happens.

Note the previous line of code:

```cpp
rootnode.append_child() << 10;
```

works because rapidyaml uses node retrieval methods that do not perform a bounds check.
