From 03d22045ad15ba64e6a4751fa119f83de0c33407 Mon Sep 17 00:00:00 2001
From: SiemensSchuckert <35631785+SiemensSchuckert@users.noreply.github.com>
Date: Wed, 4 Dec 2024 18:51:47 +0300
Subject: [PATCH] fix HTTP download crash (on empty file)

when empty filelist downloaded from HTTP server,
CL_ParseFileList() uses unallocated buffer for strchr()

segfault happens:

0  __strchr_avx2 () at ../sysdeps/x86_64/multiarch/strchr-avx2.S:65
1  0x00007ffff743de2c in __interceptor_strchr (s=0x0, c=<optimized out>)
    at ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:705
2  0x000055555566d7f8 in CL_ParseFileList (dl=0x55555587a178 <cls+20984>)
    at src/client/curl/download.c:484
3  0x000055555566e26c in CL_FinishHTTPDownload ()
    at src/client/curl/download.c:670
---
 src/client/curl/download.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/client/curl/download.c b/src/client/curl/download.c
index 6e9d79f3..393f0b9f 100644
--- a/src/client/curl/download.c
+++ b/src/client/curl/download.c
@@ -264,6 +264,9 @@ static void CL_StartHTTPDownload (dlqueue_t *entry, dlhandle_t *dl)
 	}
 
 	// Make sure that the download handle is in empty state.
+	if (dl->tempBuffer) {
+		free(dl->tempBuffer);
+	}
 	dl->tempBuffer = NULL;
 	dl->fileSize = 0;
 	dl->position = 0;
@@ -477,6 +480,10 @@ static void CL_ParseFileList(dlhandle_t *dl)
 		return;
 	}
 
+	if (!dl->tempBuffer) {
+		return;
+	}
+
 	char *list = dl->tempBuffer;
 
 	for (;;)