| Bug #79396 | null pointer dereference | | |
|---|---|---|---|
| Submitted: | 24 Nov 2015 11:48 | Modified: | 26 Apr 2016 14:19 |
| Reporter: | Павел Гусев | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server: Stored Routines | Severity: | S3 (Non-critical) |
| Version: | | OS: | Any |
| Assigned to: | | CPU Architecture: | Any |
[27 Nov 2015 18:05]
MySQL Verification Team
Are you referring to this statement: my_error(ER_SP_WRONG_NAME, MYF(0), ident->str); where `ident` and/or `ident->str` may be NULL? Please reply.
[27 Nov 2015 18:48]
Павел Гусев
I mean, if ident is NULL, the whole expression (!ident || !ident->str || !ident->str[0] ||
ident->str[ident->length-1] == ' ') is true, because (!ident) is true,
so this code is executed:

    my_error(ER_SP_WRONG_NAME, MYF(0), ident->str);

but ident is NULL.
I guess it should be

    if (!ident)
    {
      my_error(ER_SP_WRONG_NAME, MYF(0));
      return true;
    }
    if (!ident->str || !ident->str[0] || ident->str[ident->length-1] == ' ')
    {
      my_error(ER_SP_WRONG_NAME, MYF(0), ident->str);
      return true;
    }
[30 Nov 2015 14:37]
MySQL Verification Team
Pavel,
Thank you for your report. I do not think that your patch is good enough. I would vote for the following patch:
    if (!ident || !ident->str)
    {
      my_error(ER_SP_WRONG_NAME, MYF(0));
      return true;
    }
    if (!ident->str[0] || ident->str[ident->length-1] == ' ')
    {
      my_error(ER_SP_WRONG_NAME, MYF(0), ident->str);
      return true;
    }

Simply, ident->str could be NULL!
[26 Apr 2016 14:19]
Paul DuBois
Posted by developer: Noted in 5.5.50, 5.6.31, 5.7.13 changelogs. A null pointer dereference of a parser structure could occur during stored procedure name validation.

Description:
In file mysql-server/sql/sp.cc at line 2605 there is this if-statement:

    bool sp_check_name(LEX_STRING *ident)
    {
      if (!ident || !ident->str || !ident->str[0] ||
          ident->str[ident->length-1] == ' ')
      {
        my_error(ER_SP_WRONG_NAME, MYF(0), ident->str);
        return true;
      }
      ..
    }

It seems that if ident=0 there will be a null pointer dereference.
GitHub link: https://github.com/mysql/mysql-server/blob/5.7/sql/sp.cc#L2605
The possible defect was found by the AppChecker static analyzer.
How to repeat:
Nothing to repeat, it's just a possible weakness in the code.
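The defect and the verification team's proposed fix, as a stand-alone added example (this is not code from the report or from the MySQL server): the buggy condition short-circuits on a NULL `ident` and then reads `ident->str` in the error call, while the hardened version rejects a missing `ident` or a missing `str` before anything dereferences them. `LEX_STRING`, `my_error` and `ER_SP_WRONG_NAME` are minimal stand-ins for the server's types and error machinery; the numeric error code and the recording behaviour are this example's own, and the stand-in `my_error` takes the name explicitly so the call stays well-defined when there is no name to report.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for MySQL's LEX_STRING: a pointer plus an explicit length. */
typedef struct {
    char *str;
    size_t length;
} LEX_STRING;

/* Stand-ins for the server's error machinery (assumed, not MySQL's code).
 * The error code value is arbitrary for this example. */
#define ER_SP_WRONG_NAME 1458
#define MYF(v) (v)

static int last_error_code = 0;
static char last_error_name[64];

/* Records the error instead of raising it, tolerating a NULL name. */
static void my_error(int code, unsigned flags, const char *name) {
    (void)flags;
    last_error_code = code;
    snprintf(last_error_name, sizeof last_error_name, "%s", name ? name : "(null)");
}

/* The pre-fix logic quoted in the report. The condition is true for a NULL
 * ident, but the error call then reads ident->str anyway. Calling this with
 * NULL is undefined behaviour; it is kept only for comparison. */
bool sp_check_name_buggy(LEX_STRING *ident) {
    if (!ident || !ident->str || !ident->str[0] ||
        ident->str[ident->length - 1] == ' ') {
        my_error(ER_SP_WRONG_NAME, MYF(0), ident->str);  /* NULL deref when ident == NULL */
        return true;
    }
    return false;
}

/* Hardened version following the verification team's patch: check the
 * pointers first, then inspect the string contents. */
bool sp_check_name_fixed(LEX_STRING *ident) {
    if (!ident || !ident->str) {
        my_error(ER_SP_WRONG_NAME, MYF(0), "");  /* no name available to report */
        return true;
    }
    if (!ident->str[0] || ident->str[ident->length - 1] == ' ') {
        my_error(ER_SP_WRONG_NAME, MYF(0), ident->str);
        return true;
    }
    return false;
}

/* Convenience wrapper: builds a LEX_STRING from a C string (NULL allowed)
 * and runs the fixed check. */
bool rejects_cstring(const char *s) {
    LEX_STRING ident = { (char *)s, s ? strlen(s) : 0 };
    return sp_check_name_fixed(&ident);
}

/* Runs the fixed check over the cases the thread discusses and returns a
 * bitmask of rejected inputs (bit i set = case i rejected). */
unsigned run_cases(void) {
    char good[] = "my_proc";
    char trailing[] = "my_proc ";
    char empty[] = "";
    LEX_STRING valid = { good, strlen(good) };
    LEX_STRING trailing_space = { trailing, strlen(trailing) };
    LEX_STRING empty_name = { empty, 0 };
    LEX_STRING null_str = { NULL, 0 };
    LEX_STRING *cases[] = { NULL, &null_str, &empty_name, &trailing_space, &valid };
    unsigned rejected = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        if (sp_check_name_fixed(cases[i]))
            rejected |= 1u << i;
    }
    return rejected;  /* 0x0F: the four bad inputs rejected, the valid name accepted */
}

int main(void) {
    printf("rejected mask: 0x%02X\n", run_cases());
    printf("last error: %d '%s'\n", last_error_code, last_error_name);
    return 0;
}
```

Note that both patches in the thread call `my_error(ER_SP_WRONG_NAME, MYF(0))` with no name argument in the new branch; in the real server that message takes a routine-name argument, which is why this stand-in passes an explicit empty string instead of omitting it.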