Check for input buffer size when reading character array variables.

[jim-p-w]

Character array variables are read into a 512 byte buffer. If the value of the variable exceeds 512 bytes a buffer overflow will occur.
The size of the variable value should be checked before reading it into the buffer, and an error returned if the value exceeds the size of the provided buffer.
Alternatively, the read could be limited to the size of the buffer.

Here's the call sequence (Line numbers are from origin/release-v8.3.0)
In src/framework/mpas_io_streams.F

MPAS_readStream() reads strings into 512 byte buffer

 Line 3204   MPAS_io_get_var(stream % fileHandle, field_cursor % char0dField % fieldName, 
                                                field_cursor % char0dField % scalar, io_err)
  		scaler is a 512 byte buffer
Calls MPAS_io_get_var_char0d in src/framework/mpas_io.F via MPAS_io_get_var interface
    line 2995 Calls MPAS_io_get_var_generic in mpas_io.F
      line 1988 Calls SMIOLf_get_var in smiolf.F90 
        Calls SMIOLf_get_var_0d_char in src/external/SMIOL/smiolf_put_get_var.inc
          line 188 Calls SMIOL_get_var in src/external/SMIOL/smiol.c.
		   line 1515 calls read_chunk_pnetcdf
		       line 2840 calls ncmpi_get_vara_all

[jim-p-w]

A potential solution is call MPAS_io_inq_var immediately prior to the call to SMIOLf_get_var in MPAS_io_get_var_generic
If the returned dimension of the variable exceeds the size of the buffer passed to MPAS_io_get_var_generic set an error,
otherwise make the call to SMIOLf_get_var

Potential drawbacks

If using SMIOL
A potential drawback is MPAS_io_inq_var makes the following SMIOL calls:

• SMIOLf_inquire_var
• SMIOLf_inquire_dim

This is mitigated by caching the results for each variable, so multiple reads of the same variable won't result in multiple SMIOL_inquire calls.