From 09f2cff5194160a930fe88552942c6b0f14dac8b Mon Sep 17 00:00:00 2001
From: Alexander Mai <amai@users.sf.net>
Date: Tue, 2 Jun 2015 21:52:08 +0200
Subject: [PATCH] #6746 segmentation fault (invalid code) in
 Tokenizer::simplifyTypedef

---
 lib/tokenize.cpp     | 4 ++++
 test/testgarbage.cpp | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp
index dab472ae0..d7b99a1ba 100644
--- a/lib/tokenize.cpp
+++ b/lib/tokenize.cpp
@@ -1337,6 +1337,10 @@ void Tokenizer::simplifyTypedef()
                             tok2 = processFunc(tok2, inOperator);
 
                         if (needParen) {
+                            if (!tok2) {
+                                syntaxError(nullptr);
+                                return;
+                            }
                             tok2->insertToken(")");
                             tok2 = tok2->next();
                             Token::createMutualLinks(tok2, tok3);
diff --git a/test/testgarbage.cpp b/test/testgarbage.cpp
index 809bb1cc0..36ce17af3 100644
--- a/test/testgarbage.cpp
+++ b/test/testgarbage.cpp
@@ -107,6 +107,7 @@ private:
         TEST_CASE(garbageCode66);
         TEST_CASE(garbageCode67);
         TEST_CASE(garbageCode68);
+        TEST_CASE(garbageCode69);
 
         TEST_CASE(garbageValueFlow);
         TEST_CASE(garbageSymbolDatabase);
@@ -600,6 +601,9 @@ private:
         checkCode("(int a[3]); typedef void (*fp) (void); fp");
     }
 
+    void garbageCode69() { // #6746
+        ASSERT_THROW(checkCode("{ (make_mess, aux); } typedef void F(void); aux(void (*x)()) { } (void (*y)()) { } F*"), InternalError);
+    }
 
     void garbageValueFlow() {
         // #6089