VCC: Forbid the use of relative paths in +glob includes

These types of includes should be avoided since it would otherwise
be hard to predict the right behavior when matching glob patterns
in vcl_path directories.

Refs #4250
Closes #4249

bin/varnishtest/tests/c00053.vtc

@@ -67,3 +67,8 @@ client c1 {
 	expect resp.http.foo == foo
 	expect resp.http.bar == bar
 } -run
+
+varnish v1 -errvcl "+glob can only be used with absolute paths or relative paths starting with './'" {
+	include +glob "sub_*.vcl";
+	backend default none;
+}

doc/sphinx/reference/vcl.rst

@@ -258,7 +258,11 @@ The included file can be specified as follows:
 Optionally, the ``include`` keyword can take a ``+glob`` flag to include all
 files matching a glob pattern::
 
-    include +glob "example.org/*.vcl";
+    include +glob "/etc/varnish/example.org/*.vcl";
+
+Note that the ``+glob`` option can only be used with absolute paths and
+relative paths starting with './', which means that ``+glob`` includes cannot
+be searched in ``vcl_path`` directories.
 
 Import statement
 ----------------

include/tbl/params.h

@@ -1831,7 +1831,8 @@ PARAM_STRING(
 	"VCL files in both the system configuration and shared "
 	"data directories to allow packages to drop their VCL "
 	"files in a standard location where relative includes "
-	"would work.",
+	"would work. Includes using +glob cannot be searched "
+	"in vcl_path.",
 	/* flags */	BUILD_OPTIONS,
 	/* dyn_min_reason */	NULL,
 	/* dyn_max_reason */	NULL,

lib/libvcc/vcc_source.c

@@ -110,6 +110,13 @@ vcc_include_glob_file(struct vcc *tl, const struct source *src_sp,
 	unsigned u;
 	int i;
 
+	if (filename[0] != '/' && (filename[0] != '.' || filename[1] != '/')) {
+		VSB_cat(tl->sb,
+		    "+glob can only be used with absolute paths or relative "
+		    "paths starting with './'\n");
+		tl->err = 1;
+		return;
+	}
 	memset(g, 0, sizeof g);
 	i = glob(filename, 0, NULL, g);
 	switch (i) {