From 08e9d64a86746e5c3ae2e3e61dfb47ff908f5ffd Mon Sep 17 00:00:00 2001 From: Robert Reif Date: Sun, 14 Aug 2011 20:38:16 -0400 Subject: [PATCH] fix #3003 (segmentation fault of cppcheck (typedef a x[]; y = x )) --- lib/tokenize.cpp | 6 ++++++ test/testsimplifytokens.cpp | 9 +++++++++ 2 files changed, 15 insertions(+) diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp index ae6318a69..3ab5a4dd1 100644 --- a/lib/tokenize.cpp +++ b/lib/tokenize.cpp @@ -1977,6 +1977,12 @@ void Tokenizer::simplifyTypedef() { do { + if (!tok2->next()) + { + syntaxError(tok2); + return; // can't recover so quit + } + if (!inCast && !inSizeof) tok2 = tok2->next(); diff --git a/test/testsimplifytokens.cpp b/test/testsimplifytokens.cpp index c736423c9..2e855bb48 100644 --- a/test/testsimplifytokens.cpp +++ b/test/testsimplifytokens.cpp @@ -266,6 +266,7 @@ private: TEST_CASE(simplifyTypedef98); // ticket #2963 TEST_CASE(simplifyTypedef99); // ticket #2999 TEST_CASE(simplifyTypedef100); // ticket #3000 + TEST_CASE(simplifyTypedef101); // ticket #3003 (segmentation fault) TEST_CASE(simplifyTypedefFunction1); TEST_CASE(simplifyTypedefFunction2); // ticket #1685 @@ -5384,6 +5385,14 @@ private: ASSERT_EQUALS("", errout.str()); } + void simplifyTypedef101() // ticket #3003 (segmentation fault) + { + const char code[] = "typedef a x[];\n" + "y = x\n"; + sizeof_(code); + ASSERT_EQUALS("[test.cpp:2]: (error) syntax error\n", errout.str()); + } + void simplifyTypedefFunction1() { {