Fix some sonarcloud complaints

[t-b]

The lists at 1 and 2 show the top issues sonarcloud found. Most of these look really like we should fix them.

[t-b]

The merge of #757 let us jump from D to B in security, see https://sonarcloud.io/project/activity?custom_metrics=security_rating&graph=custom&id=org.tango-controls%3Acpp-tango%3Atango-9-lts.

[t-b]

And if I understand sonarcloud correctly if we want to go from B to A in security we have to remove strcat and strcpy invocations.

I'm all for that, but these are a couple of more hits.

$git grep -P "(strcpy|strcat)" cppapi cpp_test_suite | wc -l
187