Bug #20908: Crash if select @@""

Zero-length variables caused failures when using the length to look
up the name in a hash.  Instead, signal that no zero-length name can
ever be found and that to encounter one is a syntax error.

mysql-test/r/variables.result

@@ -689,6 +689,12 @@ select @@log_queries_not_using_indexes;
 show variables like 'log_queries_not_using_indexes';
 Variable_name	Value
 log_queries_not_using_indexes	OFF
+select @@"";
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '""' at line 1
+select @@&;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '&' at line 1
+select @@@;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@' at line 1
 End of 5.0 tests
 set global binlog_cache_size         =@my_binlog_cache_size;
 set global connect_timeout           =@my_connect_timeout;

mysql-test/t/variables.test

@@ -585,6 +585,16 @@ show variables like 'ssl%';
 select @@log_queries_not_using_indexes;
 show variables like 'log_queries_not_using_indexes';
 
+#
+# Bug#20908: Crash if select @@""
+#
+--error ER_PARSE_ERROR
+select @@"";
+--error ER_PARSE_ERROR
+select @@&;
+--error ER_PARSE_ERROR
+select @@@;
+
 --echo End of 5.0 tests
 
 # This is at the very after the versioned tests, since it involves doing
@@ -620,3 +630,4 @@ set global server_id                 =@my_server_id;
 set global slow_launch_time          =@my_slow_launch_time;
 set global storage_engine            =@my_storage_engine;
 set global thread_cache_size         =@my_thread_cache_size;
+

sql/gen_lex_hash.cc

@@ -442,13 +442,16 @@ int main(int argc,char **argv)
   if (get_options(argc,(char **) argv))
     exit(1);
 
+  /* Broken up to indicate that it's not advice to you, gentle reader. */
+  printf("/*\n\n  Do " "not " "edit " "this " "file " "directly!\n\n*/\n");
+
   printf("/* Copyright (C) 2001-2004 MySQL AB\n\
    This software comes with ABSOLUTELY NO WARRANTY. This is free software,\n\
    and you are welcome to modify and redistribute it under the GPL license\n\
    \n*/\n\n");
 
-  printf("/* This code is generated by gen_lex_hash.cc that seeks for\
+  printf("/* Do " "not " "edit " "this " "file!  This is generated by "
- a perfect\nhash function */\n\n");
+         "gen_lex_hash.cc\nthat seeks for a perfect hash function */\n\n");
   printf("#include \"lex.h\"\n\n");
 
   calc_length();
@@ -468,6 +471,12 @@ static inline SYMBOL *get_hash_symbol(const char *s,\n\
 {\n\
   register uchar *hash_map;\n\
   register const char *cur_str= s;\n\
+\n\
+  if (len == 0) {\n\
+    DBUG_PRINT(\"warning\", (\"get_hash_symbol() received a request for a zero-length symbol, which is probably a mistake.\"));\
+    return(NULL);\n\
+  }\
+\n\
   if (function){\n\
     if (len>sql_functions_max_len) return 0;\n\
     hash_map= sql_functions_map;\n\

sql/sql_lex.cc

@@ -1042,6 +1042,8 @@ int MYSQLlex(void *arg, void *yythd)
       if (c == '.')
 	lex->next_state=MY_LEX_IDENT_SEP;
       length= (uint) (lex->ptr - lex->tok_start)-1;
+      if (length == 0) 
+        return(ABORT_SYM);              // Names must be nonempty.
       if ((tokval= find_keyword(lex,length,0)))
       {
 	yyUnget();				// Put back 'c'