Fix Fortify findings caused by point2grid changes in #1345.

[JohnHalleyGotway]

Describe the Task

After feature 1345 was merged into the develop branch, 2 new high and 29 new low Fortify findings appeared in the nightly run of Fortify on the develop branch.

This task is to refine the code to make those findings go away.

I have attached PDF's of the Fortify findings from 20201004 and 20201006. The corresponding FPR and MBS files can be found on dakota:
/d3/projects/MET/MET_regression/develop/SAVE-NB20201004/fortify_sca
/d3/projects/MET/MET_regression/develop/SAVE-NB20201006/fortify_sca

There were additional increases for Fortify noted on kiowa for the develop branch. Also fix these.

Foritfy Counts for develop on 20201014: Critical=0 High=353 Medium=0 Low=1053
Fortify Counts for develop on 20201015: Critical=0 High=355 Medium=0 Low=1068
/d1/projects/MET/MET_regression/MET-develop/scripts/fortify/run_nightly.sh: The Fortify counts have CHANGED in NB20201015.

Time Estimate

Estimate the amount of work required here.
Issues should represent approximately 1 to 3 days of work.

Sub-Issues

Consider breaking the task down into sub-issues.

• Add a checkbox for each sub-issue here.

Relevant Deadlines

List relevant project deadlines here or state NONE.

Funding Source

Define the source of funding and account keys here or state NONE.

Define the Metadata

Assignee

• Select engineer(s) or no engineer required
• Select scientist(s) or no scientist required

Labels

• Select component(s)
• Select priority
• Select requestor(s)

Projects and Milestone

• Review projects and select relevant Repository and Organization ones or add "alert:NEED PROJECT ASSIGNMENT" label
• Select milestone to next major version milestone or "Future Versions"

Define Related Issue(s)

Consider the impact to the other METplus components.

• METplus, MET, METdatadb, METviewer, METexpress, METcalcpy, METplotpy

Task Checklist

See the METplus Workflow for details.

• Complete the issue definition above, including the Time Estimate and Funding Source.
• Fork this repository or create a branch of develop.
  Branch name: feature_<Issue Number>_<Description>
• Complete the development and test your changes.
• Add/update log messages for easier debugging.
• Add/update unit tests.
• Add/update documentation.
• Push local changes to GitHub.
• Submit a pull request to merge into develop.
  Pull request: feature <Issue Number> <Description>
• Define the pull request metadata, as permissions allow.
  Select: Reviewer(s), Project(s), Milestone, and Linked issues
• Iterate until the reviewer(s) accept and merge your changes.
• Delete your fork or branch.
• Close this issue.

[hsoh-u]

Two PDF files show the number of new high and low findings but not where (filename and line number). I'm not sure how many findings are from nc_utils.cc. I started #1492 already and some refactoring were done at nc_utils.cc which could affect the fortify result. I will working this after #1492. It's not good practice but some of fortify issues will be fixed with #1492.

[hsoh-u]

One high on point2grid

      for (int xIdx=0; xIdx<from_lon_cnt; xIdx++) {
         for (int yIdx=0; yIdx<from_lat_cnt; yIdx++) {
            int offset = fr_dp.two_to_one(xIdx,yIdx);
            from_data[offset] = fr_dp.get(xIdx,yIdx);   //  <== buffer overflow
         }
      }

Please let me know if this should be corrected. There are more instances of this case.

[JohnHalleyGotway]

On 20201020, the counts successfully decreased, as described below:

Fortify Counts for develop on 20201019: Critical=0 High=355 Medium=0 Low=1068
Fortify Counts for develop on 20201020: Critical=0 High=351 Medium=0 Low=1037
/d1/projects/MET/MET_regression/MET-develop/scripts/fortify/run_nightly.sh: The Fortify counts have CHANGED in NB20201020.

[JohnHalleyGotway]

Howard, a compilation problem popped up via the automated Docker build for the develop branch after merging these changes. Specifically on lines 1845 and 1882 pb2nc.cc:

1845             for(float *tmp_pqtzuv : pqtzuv_list) delete tmp_pqtzuv;
1882       for(float *tmp_pqtzuv : pqtzuv_list) delete tmp_pqtzuv;

The version of the compiler used by the container doesn't like that syntax. Since we want to make MET compile on as many compiler families and versions possible, I'd recommend fixing this issue. Here's the compiler error:

pb2nc.cc: In function 'void process_pbfile(int)':
pb2nc.cc:1845:37: error: range-based 'for' loops are not allowed in C++98 mode
             for(float *tmp_pqtzuv : pqtzuv_list) delete tmp_pqtzuv;
                                     ^
pb2nc.cc:1882:31: error: range-based 'for' loops are not allowed in C++98 mode
       for(float *tmp_pqtzuv : pqtzuv_list) delete tmp_pqtzuv;