Don't allow LIBC_DEBUG_MALLOC_OPTIONS to cross security boundaries.

Bug: http://b/68003719
Test: LIBC_DEBUG_MALLOC_OPTIONS=isbad1 MALLOC_CONF=isbad2 su 0 /system/bin/sh -c '/system/bin/echo opt=$LIBC_DEBUG_MALLOC_OPTIONS conf=$MALLOC_CONF'
Change-Id: I796cc21b230a96cb0ed87d02ddcb1706a7749a90

libc/bionic/libc_init_common.cpp

@@ -261,6 +261,7 @@ static bool __is_unsafe_environment_variable(const char* name) {
     "LD_PROFILE",
     "LD_SHOW_AUXV",
     "LD_USE_LOAD_BIAS",
+    "LIBC_DEBUG_MALLOC_OPTIONS",
     "LOCALDOMAIN",
     "LOCPATH",
     "MALLOC_CHECK_",