mirror of https://github.com/MariaDB/server.git synced 2025-07-27 18:02:13 +03:00

Bug#43748: crash when non-super user tries to kill the replication threads

(Pushing for Azundris)
      
We allow security-contexts with NULL users (for
system-threads and for unauthenticated users).
If a non-SUPER-user tried to KILL such a thread,
we tried to compare the user-fields to see whether
they owned that thread. Comparing against NULL was
not a good idea.
      
If KILLer does not have SUPER-privilege, we
specifically check whether both KILLer and KILLee
have a non-NULL user before testing for string-
equality. If either is NULL, we reject the KILL.

mysql-test/r/rpl_temporary.result:
  Try to have a non-SUPER user KILL a system thread.
mysql-test/t/rpl_temporary.test:
  Try to have a non-SUPER user KILL a system thread.
sql/sql_parse.cc:
  Make sure security contexts of both KILLer *and*
  KILLee are non-NULL before testing for string-equality!
Georgi Kodinov
2009-03-25 15:37:21 +02:00
parent 79ad0a2c93
commit 9536bd657b
3 changed files with 74 additions and 1 deletions

@ -7386,8 +7386,27 @@ void kill_one_thread(THD *thd, ulong id, bool only_kill_query)
VOID(pthread_mutex_unlock(&LOCK_thread_count));
if (tmp)
{
/*
If we're SUPER, we can KILL anything, including system-threads.
No further checks.
thd..user could in theory be NULL while we're still in
"unauthenticated" state. This is more a theoretical case.
tmp..user will be NULL for system threads (cf Bug#43748).
We need to check so Jane Random User doesn't crash the server
when trying to kill a) system threads or b) unauthenticated
users' threads.
If user of both killer and killee are non-null, proceed with
slayage if both are string-equal.
*/
if ((thd->security_ctx->master_access & SUPER_ACL) ||
!strcmp(thd->security_ctx->user, tmp->security_ctx->user))
((thd->security_ctx->user != NULL) &&
(tmp->security_ctx->user != NULL) &&
!strcmp(thd->security_ctx->user, tmp->security_ctx->user)))
{
tmp->awake(only_kill_query ? THD::KILL_QUERY : THD::KILL_CONNECTION);
error=0;
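
Review bot: the comment block above the condition names two NULL cases, a) system threads and b) unauthenticated users' threads, but the test files listed in the commit message only "Try to have a non-SUPER user KILL a system thread", so case b) is left without coverage; a second test where a non-SUPER user issues KILL against a connection that has not finished authenticating would pin down both branches of the new NULL checks. The comment would also be clearer if it stated the outcome directly, as the commit message does ("If either is NULL, we reject the KILL"), instead of only describing when the string comparison proceeds. It is also worth a line in the comment that the SUPER_ACL test has to stay first in the || chain: the short-circuit is what lets a SUPER killer KILL a thread whose user is NULL without the user pointers being checked or dereferenced at all.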