The problem in this case isn't with the copyleft licenses. It's with the CLA (i.e., "even though my project is copyleft, if you want to contribute to it, you have to give me a pushover license to your changes too"). Without the CLA, this project would indeed be safe from him doing this.
I'm confused. Copyleft doesn't grant a right to contribute upstream. It's perfectly reasonable for a maintainer of a copyleft project to say "I only accept contributions if you give me $1,000."
Copyleft grants you the right to make changes and redistribute the resulting work under a compatible license. If you have a problem with CLAs, don't sign them. Many people do not care.
Even without a CLA the author could simply remove contributions and still relicense. This isn't novel, and has been done before.
Obviously it may be difficult to remove contributions.
It's rare for an important software project to be 100% a one-man show. Combined with the difficulty of removing contributions, wouldn't rejecting CLAs basically keep this kind of thing from happening at all?
That have always been clear from the beginning that is why you get everyone using GNU/Linux instead of the BSDs, although Apple and Sony enjoy using parts of them on their platforms.