X11: Fix segfault on malformed INCR response

The code assumed that at least some data would be received via the INCR
mechanism and that, as a result, the string buffer would be allocated.

Bug found by Clang static analysis.

README.md

@@ -290,6 +290,7 @@ information on what to include when reporting a bug.
  - [X11] Bugfix: Dynamic loading on NetBSD failed due to soname differences
  - [X11] Bugfix: Left shift of int constant relied on undefined behavior (#1951)
  - [X11] Bugfix: The OSMesa libray was not unloaded on termination
+ - [X11] Bugfix: A malformed response during selection transfer could cause a segfault
  - [Wayland] Added dynamic loading of all Wayland libraries
  - [Wayland] Added support for key names via xkbcommon
  - [Wayland] Added support for file path drop events (#2040)

src/x11_window.c

@@ -985,13 +985,16 @@ static const char* getSelectionString(Atom selection)
 
                 if (!itemCount)
                 {
-                    if (targets[i] == XA_STRING)
+                    if (string)
                     {
-                        *selectionString = convertLatin1toUTF8(string);
-                        _glfw_free(string);
+                        if (targets[i] == XA_STRING)
+                        {
+                            *selectionString = convertLatin1toUTF8(string);
+                            _glfw_free(string);
+                        }
+                        else
+                            *selectionString = string;
                     }
-                    else
-                        *selectionString = string;
 
                     break;
                 }