HL: Fix prefix-match bugs in H5TB field lookup and H5DS/H5IM CLASS checks

- H5TB: strcmp replaces strncmp in H5TBfind_field so that field names
  that are a prefix of a requested name (or vice-versa) are no longer
  matched. HLTB_MAX_FIELD_LEN (255) is now public in H5TBpublic.h and
  exposed to Fortran as HLTB_MAX_FIELD_LEN_F in H5TBff.F90.
  H5TBget_field_info documents the buffer-size requirement and truncation
  behaviour. H5TBget_field_info guards against overflow on long names.

- H5IM: H5IMis_image and H5IMis_palette refactored into a shared helper
  (H5IM__class_attr_equals). The helper now reads both fixed-length and
  variable-length CLASS string attributes, using H5Treclaim for VL memory.
  strcmp replaces strncmp for exact-match semantics.

- H5DS: H5DSis_scale and H5DS_is_reserved both support variable-length
  CLASS string attributes via H5Aget_space/H5Aread/H5Treclaim. The
  fixed-length path retains the 16-byte size guard. strcmp is used
  throughout for exact comparison.

- Tests: new test functions test_is_scale_class_prefix,
  test_is_reserved_class_prefix, and test_class_prefix cover fixed-length
  prefix/exact/wrong-value cases and variable-length string cases.
  test_table.c adds write and read field-name prefix rejection cases and
  boundary-length truncation verification. All malloc calls are NULL-checked.

- CHANGELOG updated with a summary of all fixes.

Author: brtnfld

hl/fortran/src/H5TBff.F90

@@ -42,6 +42,12 @@ MODULE H5TB_CONST
   USE h5fortran_types
   USE hdf5
 
+  !> Maximum length of a field name buffer returned by h5tbget_field_info_f.
+  !! Matches HLTB_MAX_FIELD_LEN defined in H5TBpublic.h.
+  !! Declare field_names character arrays with at least this length:
+  !!   CHARACTER(LEN=HLTB_MAX_FIELD_LEN_F) :: field_names(nfields)
+  INTEGER, PARAMETER :: HLTB_MAX_FIELD_LEN_F = 255
+
   INTERFACE h5tbwrite_field_name_f
 #ifdef H5_DOXYGEN
      MODULE PROCEDURE h5tbwrite_field_name_f
@@ -209,6 +215,8 @@ END FUNCTION h5tbinsert_field_c
 !! \param nrecords      The number of records.
 !! \param type_size     The size in bytes of the structure associated with the table. Obtained with sizeof or storage_size.
 !! \param field_names   An array containing the names of the fields.
+!!                      Names longer than HLTB_MAX_FIELD_LEN_F - 1 characters
+!!                      are silently truncated when read back by h5tbget_field_info_f().
 !! \param field_offset  An array containing the offsets of the fields.
 !! \param field_types   An array containing the type of the fields.
 !! \param chunk_size    The chunk size.
@@ -325,7 +333,9 @@ END SUBROUTINE h5tbmake_table_f90
 !! \param nfields       The number of fields
 !! \param nrecords      The number of records
 !! \param type_size     The size in bytes of the structure associated with the table; This value is obtained with sizeof().
-!! \param field_names   An array containing the names of the fields
+!! \param field_names   An array containing the names of the fields.
+!!                      Names longer than HLTB_MAX_FIELD_LEN_F - 1 characters
+!!                      are silently truncated when read back by h5tbget_field_info_f().
 !! \param field_offset  An array containing the offsets of the fields
 !! \param field_types   An array containing the type of the fields
 !! \param chunk_size    The chunk size
@@ -1057,10 +1067,15 @@ END SUBROUTINE h5tbget_table_info_f
 !! \param loc_id        Location identifier. The identifier may be that of a file or group.
 !! \param dset_name     The name of the dataset to read.
 !! \param nfields       The number of fields.
-!! \param field_names   An array containing the names of the fields.
+!! \param field_names   An array of character buffers to receive the field names.
+!!                      Each element must be declared with at least HLTB_MAX_FIELD_LEN_F
+!!                      characters. Field names longer than HLTB_MAX_FIELD_LEN_F - 1
+!!                      characters are silently truncated. A truncated name may
+!!                      inadvertently match a different, shorter field when subsequently
+!!                      passed to h5tbread_fields_name_f() or h5tbwrite_fields_name_f().
 !! \param field_sizes   An array containing the size of the fields.
-!! \param field_offsets	An array containing the offsets of the fields.
-!! \param type_size	The size of the HDF5 datatype associated with the table
+!! \param field_offsets An array containing the offsets of the fields.
+!! \param type_size     The size of the HDF5 datatype associated with the table
 !!                      (i.e., the size in bytes of the HDF5 compound datatype used to define a row, or record, in the table).
 !! \param errcode       \fortran_error
 !! \param maxlen_out    Maximum character length of the field names.

hl/src/H5DS.c

@@ -2221,6 +2221,7 @@ H5DSis_scale(hid_t did)
     hid_t       aid = H5I_INVALID_HID; /* attribute ID */
     htri_t      attr_class;            /* has the "CLASS" attribute */
     htri_t      is_ds = -1;            /* set to "not a dimension scale" */
+    htri_t      isvl;                  /* result of H5Tis_variable_str */
     H5I_type_t  it;                    /* type of identifier */
     char       *buf = NULL;            /* buffer to read name of attribute */
     size_t      string_size;           /* size of storage for the attribute */
@@ -2261,54 +2262,71 @@ H5DSis_scale(hid_t did)
             is_ds = 0;
             goto out;
         }
-        /* check to make sure string is null-terminated;
-           if not, then it is not dimension scale */
-        if ((strpad = H5Tget_strpad(tid)) < 0)
+        if ((isvl = H5Tis_variable_str(tid)) < 0)
             goto out;
-        if (H5T_STR_NULLTERM != strpad) {
-            is_ds = 0;
-            goto out;
-        }
 
-        /* According to Spec string is ASCII and its size should be 16 to hold
-           "DIMENSION_SCALE" string */
-        if ((string_size = H5Tget_size(tid)) == 0)
-            goto out;
-        if (string_size != 16) {
-            is_ds = 0;
-            goto out;
-        }
+        if (isvl > 0) {
+            /* Variable-length string: H5Aread allocates the string and writes
+             * its address into the buffer; use H5Treclaim to free it after use. */
+            char *vl_str = NULL;
+            hid_t asid;
 
-        buf = (char *)malloc((size_t)string_size * sizeof(char));
-        if (buf == NULL)
-            goto out;
-
-        /* Read the attribute */
-        if (H5Aread(aid, tid, buf) < 0)
-            goto out;
+            if ((asid = H5Aget_space(aid)) < 0)
+                goto out;
+            if (H5Aread(aid, tid, &vl_str) < 0) {
+                H5Sclose(asid);
+                goto out;
+            }
+            is_ds = (vl_str && strcmp(vl_str, DIMENSION_SCALE_CLASS) == 0) ? 1 : 0;
+            H5Treclaim(tid, asid, H5P_DEFAULT, &vl_str);
+            H5Sclose(asid);
+        }
+        else {
+            /* check to make sure string is null-terminated;
+               if not, then it is not dimension scale */
+            if ((strpad = H5Tget_strpad(tid)) < 0)
+                goto out;
+            if (H5T_STR_NULLTERM != strpad) {
+                is_ds = 0;
+                goto out;
+            }
 
-        /* compare strings */
-        if (strncmp(buf, DIMENSION_SCALE_CLASS, MIN(strlen(DIMENSION_SCALE_CLASS), strlen(buf))) == 0)
-            is_ds = 1;
+            /* According to Spec string is ASCII and its size should be 16 to hold
+               "DIMENSION_SCALE" string */
+            if ((string_size = H5Tget_size(tid)) == 0)
+                goto out;
+            if (string_size != 16) {
+                is_ds = 0;
+                goto out;
+            }
 
-        free(buf);
+            /* Allocate one extra byte and force null termination so strcmp never
+             * reads past the buffer even if some tool wrote the attribute without
+             * honoring the H5T_STR_NULLTERM invariant. */
+            buf = (char *)malloc((size_t)string_size * sizeof(char) + 1);
+            if (buf == NULL)
+                goto out;
 
-        if (H5Tclose(tid) < 0)
-            goto out;
+            /* Read the attribute */
+            if (H5Aread(aid, tid, buf) < 0)
+                goto out;
+            buf[string_size] = '\0';
 
-        if (H5Aclose(aid) < 0)
-            goto out;
+            /* compare strings */
+            if (strcmp(buf, DIMENSION_SCALE_CLASS) == 0)
+                is_ds = 1;
+            else
+                is_ds = 0;
+        }
     }
 out:
-    if (is_ds < 0) {
-        free(buf);
-        H5E_BEGIN_TRY
-        {
-            H5Aclose(aid);
-            H5Tclose(tid);
-        }
-        H5E_END_TRY
+    free(buf);
+    H5E_BEGIN_TRY
+    {
+        H5Aclose(aid);
+        H5Tclose(tid);
     }
+    H5E_END_TRY
     return is_ds;
 }
 
@@ -2441,6 +2459,7 @@ static herr_t
 H5DS_is_reserved(hid_t did, bool *is_reserved)
 {
     htri_t has_class;
+    htri_t isvl;
     hid_t  tid = H5I_INVALID_HID;
     hid_t  aid = H5I_INVALID_HID;
     char  *buf = NULL;  /* Name of attribute */
@@ -2463,28 +2482,53 @@ H5DS_is_reserved(hid_t did, bool *is_reserved)
     if (H5T_STRING != H5Tget_class(tid))
         goto error;
 
-    /* Check to make sure string is null-terminated */
-    if (H5T_STR_NULLTERM != H5Tget_strpad(tid))
+    if ((isvl = H5Tis_variable_str(tid)) < 0)
         goto error;
 
-    /* Allocate buffer large enough to hold string */
-    if ((string_size = H5Tget_size(tid)) == 0)
-        goto error;
-    if (NULL == (buf = malloc(string_size * sizeof(char))))
-        goto error;
+    if (isvl > 0) {
+        /* Variable-length string: H5Aread allocates the string and writes
+         * its address into the buffer; use H5Treclaim to free it after use. */
+        char *vl_str = NULL;
+        hid_t asid;
+
+        if ((asid = H5Aget_space(aid)) < 0)
+            goto error;
+        if (H5Aread(aid, tid, &vl_str) < 0) {
+            H5Sclose(asid);
+            goto error;
+        }
+        *is_reserved = vl_str && (strcmp(vl_str, IMAGE_CLASS) == 0 || strcmp(vl_str, PALETTE_CLASS) == 0 ||
+                                  strcmp(vl_str, TABLE_CLASS) == 0);
+        H5Treclaim(tid, asid, H5P_DEFAULT, &vl_str);
+        H5Sclose(asid);
+    }
+    else {
+        /* Check to make sure string is null-terminated */
+        if (H5T_STR_NULLTERM != H5Tget_strpad(tid))
+            goto error;
 
-    /* Read the attribute */
-    if (H5Aread(aid, tid, buf) < 0)
-        goto error;
+        /* Allocate buffer large enough to hold string */
+        if ((string_size = H5Tget_size(tid)) == 0)
+            goto error;
+        /* Allocate one extra byte and force null termination so strcmp never
+         * reads past the buffer even if some tool wrote the attribute without
+         * honoring the H5T_STR_NULLTERM invariant. */
+        if (NULL == (buf = malloc(string_size * sizeof(char) + 1)))
+            goto error;
 
-    if (strncmp(buf, IMAGE_CLASS, MIN(strlen(IMAGE_CLASS), strlen(buf))) == 0 ||
-        strncmp(buf, PALETTE_CLASS, MIN(strlen(PALETTE_CLASS), strlen(buf))) == 0 ||
-        strncmp(buf, TABLE_CLASS, MIN(strlen(TABLE_CLASS), strlen(buf))) == 0)
-        *is_reserved = true;
-    else
-        *is_reserved = false;
+        /* Read the attribute */
+        if (H5Aread(aid, tid, buf) < 0)
+            goto error;
+        buf[string_size] = '\0';
 
-    free(buf);
+        if (strcmp(buf, IMAGE_CLASS) == 0 || strcmp(buf, PALETTE_CLASS) == 0 || strcmp(buf, TABLE_CLASS) == 0)
+            *is_reserved = true;
+        else
+            *is_reserved = false;
+
+        free(buf);
+        buf = NULL;
+    }
 
     if (H5Tclose(tid) < 0)
         goto error;