MDEV-10465 general_log_file can be abused

This issue was discovered by
Dawid Golunski (http://legalhackers.com)

Author: vuvova

mysql-test/suite/sys_vars/r/general_log_file_basic.result

@@ -12,6 +12,12 @@ SET @@global.general_log_file = mytest.log;
 ERROR 42000: Incorrect argument type to variable 'general_log_file'
 SET @@global.general_log_file = 12;
 ERROR 42000: Incorrect argument type to variable 'general_log_file'
+SET @@global.general_log_file = 'my.cnf';
+ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf'
+SET @@global.general_log_file = '/tmp/my.cnf';
+ERROR 42000: Variable 'general_log_file' can't be set to the value of '/tmp/my.cnf'
+SET @@global.general_log_file = '.my.cnf';
+ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf'
 '#----------------------FN_DYNVARS_004_03------------------------#'
 SELECT @@global.general_log_file = VARIABLE_VALUE 
 FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES 

mysql-test/suite/sys_vars/r/slow_query_log_file_basic.result

@@ -9,6 +9,12 @@ SET @@global.slow_query_log_file = mytest.log;
 ERROR 42000: Incorrect argument type to variable 'slow_query_log_file'
 SET @@global.slow_query_log_file = 12;
 ERROR 42000: Incorrect argument type to variable 'slow_query_log_file'
+SET @@global.slow_query_log_file = 'my.cnf';
+ERROR 42000: Variable 'slow_query_log_file' can't be set to the value of 'my.cnf'
+SET @@global.slow_query_log_file = '/tmp/my.cnf';
+ERROR 42000: Variable 'slow_query_log_file' can't be set to the value of '/tmp/my.cnf'
+SET @@global.general_log_file = '.my.cnf';
+ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf'
 '#----------------------FN_DYNVARS_004_03------------------------#'
 SELECT @@global.slow_query_log_file = VARIABLE_VALUE 
 FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES 

mysql-test/suite/sys_vars/t/general_log_file_basic.test

@@ -58,6 +58,16 @@ SET @@global.general_log_file = mytest.log;
 --error ER_WRONG_TYPE_FOR_VAR
 SET @@global.general_log_file = 12;
 
+#
+# MDEV-10465
+#
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.general_log_file = 'my.cnf';
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.general_log_file = '/tmp/my.cnf';
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.general_log_file = '.my.cnf';
+
 
 --echo '#----------------------FN_DYNVARS_004_03------------------------#'
 ############################################################################## 

mysql-test/suite/sys_vars/t/slow_query_log_file_basic.test

@@ -56,6 +56,16 @@ SET @@global.slow_query_log_file = mytest.log;
 --error ER_WRONG_TYPE_FOR_VAR
 SET @@global.slow_query_log_file = 12;
 
+#
+# MDEV-10465
+#
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.slow_query_log_file = 'my.cnf';
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.slow_query_log_file = '/tmp/my.cnf';
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.general_log_file = '.my.cnf';
+
 --echo '#----------------------FN_DYNVARS_004_03------------------------#'
 ############################################################################## 
 # Check if the value in GLOBAL Tables matches values in variable             #

sql/sys_vars.cc

@@ -3033,6 +3033,13 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var)
     return true;
   }
 
+  static const LEX_CSTRING my_cnf= { STRING_WITH_LEN("my.cnf") };
+  if (val->length >= my_cnf.length)
+  {
+    if (strcasecmp(val->str + val->length - my_cnf.length, my_cnf.str) == 0)
+      return true; // log file name ends with "my.cnf"
+  }
+
   char path[FN_REFLEN];
   size_t path_length= unpack_filename(path, val->str);