When ContentLine_Analyzer:oDeliverOnce is called with a value of "\nfalse\r\n----WebkitFormBoundary" and last_char was set to '\r' in a previous call, buf is set to \0 at index -1.
I think a fix would be to check the offset in the EMIT_LINE macro to be > 0.
Sadly I can not share the original trace which triggers the segfault. If this report is not enough I can spend some more time trying to create a test trace.
FreeBSD 10.3 RELEASE