fix HTTP download crash (on empty file)

when empty filelist downloaded from HTTP server,
CL_ParseFileList() uses unallocated buffer for strchr()

segfault happens:

0  __strchr_avx2 () at ../sysdeps/x86_64/multiarch/strchr-avx2.S:65
1  0x00007ffff743de2c in __interceptor_strchr (s=0x0, c=<optimized out>)
    at ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:705
2  0x000055555566d7f8 in CL_ParseFileList (dl=0x55555587a178 <cls+20984>)
    at src/client/curl/download.c:484
3  0x000055555566e26c in CL_FinishHTTPDownload ()
    at src/client/curl/download.c:670
This commit is contained in:
SiemensSchuckert 2024-12-04 18:51:47 +03:00 committed by GitHub
parent 9f6c455b45
commit 03d22045ad
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -264,6 +264,9 @@ static void CL_StartHTTPDownload (dlqueue_t *entry, dlhandle_t *dl)
}
// Make sure that the download handle is in empty state.
if (dl->tempBuffer) {
free(dl->tempBuffer);
}
dl->tempBuffer = NULL;
dl->fileSize = 0;
dl->position = 0;
@ -477,6 +480,10 @@ static void CL_ParseFileList(dlhandle_t *dl)
return;
}
if (!dl->tempBuffer) {
return;
}
char *list = dl->tempBuffer;
for (;;)