diff --git a/plugin/server_audit/server_audit.c b/plugin/server_audit/server_audit.c
index 8b49f354f473c..183295773f53f 100644
--- a/plugin/server_audit/server_audit.c
+++ b/plugin/server_audit/server_audit.c
@@ -2836,6 +2836,14 @@ static void update_file_path(MYSQL_THD thd,
 {
   char *new_name= (*(char **) save) ? *(char **) save : empty_str;
 
+  if (strlen(new_name) + 4  > FN_REFLEN)
+  {
+    error_header();
+    fprintf(stderr, "server_audit_file_path can't exceed %d characters.\n", FN_REFLEN - 4);
+    CLIENT_ERROR(1, "server_audit_file_path can't exceed %d characters.\n", MYF(ME_WARNING), FN_REFLEN - 4);
+    return;
+  }
+
   ADD_ATOMIC(internal_stop_logging, 1);
   error_header();
   fprintf(stderr, "Log file name was changed to '%s'.\n", new_name);