NOAA-EMC / NCEPLIBS-bacio

This library performs binary I/O for the NCEP models.

in test_bacio.f90 passing bad LU parameter to bareadl() results in memory buffer overflow #64

Closed edwardhartnett closed 3 years ago

edwardhartnett commented 3 years ago

These tests cause memory problems:

  call bareadl(0, ib8, nb8, ka8, data_in)
  if (ka8 .ne. 0) stop 32
  call bareadl(FDDIM + 1, ib8, nb8, ka8, data_in)
  if (ka8 .ne. 0) stop 32

The failure looks like this:

=================================================================
==21062==ERROR: AddressSanitizer: global-buffer-overflow on address 0x55ac980dec3c at pc 0x55ac980c7524 bp 0x7ffc0756acb0 sp 0x7ffc0756aca0
READ of size 4 at 0x55ac980dec3c thread T0
    #0 0x55ac980c7523 in bareadl_ /home/ed/NCEPLIBS-bacio/src/baciof.f90:255
    #1 0x55ac980c655f in test_bacio /home/ed/NCEPLIBS-bacio/tests/test_bacio.f90:79
    #2 0x55ac980c6a17 in main /home/ed/NCEPLIBS-bacio/tests/test_bacio.f90:2
    #3 0x7f24723c2564 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x28564)
    #4 0x55ac980c53fd in _start (/home/ed/NCEPLIBS-bacio/b/tests/test_bacio+0x43fd)

0x55ac980dec3c is located 0 bytes to the right of global variable 'fd' defined in '/home/ed/NCEPLIBS-bacio/src/baciof.f90:15:40' (0x55ac980d5000) of size 39996
0x55ac980dec3c is located 36 bytes to the left of global variable 'lux' defined in '/home/ed/NCEPLIBS-bacio/src/baciof.f90:248:48' (0x55ac980dec60) of size 8
SUMMARY: AddressSanitizer: global-buffer-overflow /home/ed/NCEPLIBS-bacio/src/baciof.f90:255 in bareadl_

This is caused by this code in baciof.f90, around line 255 of baciof.f90 in function bareadl():

      IF(FD(LU).LE.0) THEN
        KA=0
        RETURN
      ENDIF

This should probably be checking the LU parameter like the baopen() function:

      IF(LU.LT.001.OR.LU.GT.FDDIM) THEN
        IRET=6
        RETURN
      ENDIF

By inspection, I can see this same problem in functions bawritel() and wrytel().
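The fix the issue asks for, shown as an added C model (not code from NCEPLIBS-bacio): a unit table indexed by LU, with the same range check that baopen() applies factored out and applied by every entry point before it touches the table. The `_sim` functions, the FDDIM value of 9999 (derived from the ASan report: a 39996-byte `fd` array of 4-byte ints) and the descriptor values are assumptions of this example.

```c
#include <stdio.h>

/* Unit-table size; 9999 is derived from the ASan report above
   (global 'fd' is 39996 bytes = 9999 four-byte ints). Assumed here. */
#define FDDIM 9999

/* Stand-in for the library's global FD(FDDIM) table: entry lu-1 holds the
   descriptor for Fortran unit lu (1-based); 0 or negative means "not open". */
static int fd[FDDIM];

/* The check baopen() applies to its LU argument, factored out so that every
   routine indexing fd[] can apply it before the table is touched. */
static int lu_in_range(int lu) {
    return lu >= 1 && lu <= FDDIM;
}

/* Open: returns 0 on success, 6 for a bad unit number (baopen's IRET=6). */
int baopen_sim(int lu, int descriptor) {
    if (!lu_in_range(lu)) return 6;
    fd[lu - 1] = descriptor;
    return 0;
}

/* Read: *ka receives the byte count, 0 when the unit is not open. Checking lu
   first is the fix from the issue: without it, lu = 0 reads fd[-1] and
   lu = FDDIM + 1 reads fd[FDDIM], one element past the end of the table. */
void bareadl_sim(int lu, long nb, long *ka) {
    *ka = 0;
    if (!lu_in_range(lu)) return;   /* bad LU: never index the table */
    if (fd[lu - 1] <= 0) return;    /* unit not open, mirrors FD(LU).LE.0 */
    *ka = nb;                       /* simulate a full read of nb bytes */
}

/* Close: same guard; returns 0 on success, 6 for a bad unit number. */
int baclose_sim(int lu) {
    if (!lu_in_range(lu)) return 6;
    fd[lu - 1] = 0;
    return 0;
}

int main(void) {
    long ka = -1;
    printf("open lu=0: iret=%d\n", baopen_sim(0, 3));          /* 6 */
    printf("open lu=10: iret=%d\n", baopen_sim(10, 3));        /* 0 */
    bareadl_sim(FDDIM + 1, 100, &ka);
    printf("read lu=FDDIM+1: ka=%ld\n", ka);                   /* 0, no OOB */
    bareadl_sim(10, 100, &ka);
    printf("read lu=10: ka=%ld\n", ka);                        /* 100 */
    return baclose_sim(10);
}
```

Building the test with -fsanitize=address is what surfaced the original defect; the same build stays silent once the range check precedes the table access.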