diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index 8c4026ea0..44aa22429 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -44,13 +44,13 @@ namespace {
 static void makeArrayIndexOutOfBoundsError(std::ostream& oss, const CheckBufferOverrun::ArrayInfo &arrayInfo, const std::vector<MathLib::bigint> &index)
 {
     oss << "Array '" << arrayInfo.varname();
-    for (size_t i = 0; i < arrayInfo.num().size(); ++i)
+    for (std::size_t i = 0; i < arrayInfo.num().size(); ++i)
         oss << "[" << arrayInfo.num(i) << "]";
     if (index.size() == 1)
         oss << "' accessed at index " << index[0] << ", which is";
     else {
         oss << "' index " << arrayInfo.varname();
-        for (size_t i = 0; i < index.size(); ++i)
+        for (std::size_t i = 0; i < index.size(); ++i)
             oss << "[" << index[i] << "]";
     }
     oss << " out of bounds.";
@@ -67,19 +67,19 @@ void CheckBufferOverrun::arrayIndexOutOfBoundsError(const Token *tok, const Arra
     std::ostringstream errmsg;
 
     errmsg << "Array '" << arrayInfo.varname();
-    for (size_t i = 0; i < arrayInfo.num().size(); ++i)
+    for (std::size_t i = 0; i < arrayInfo.num().size(); ++i)
         errmsg << "[" << arrayInfo.num(i) << "]";
     if (index.size() == 1)
         errmsg << "' accessed at index " << index[0].intvalue << ", which is out of bounds.";
     else {
         errmsg << "' index " << arrayInfo.varname();
-        for (size_t i = 0; i < index.size(); ++i)
+        for (std::size_t i = 0; i < index.size(); ++i)
             errmsg << "[" << index[i].intvalue << "]";
         errmsg << " out of bounds.";
     }
 
     const Token *condition = nullptr;
-    for (size_t i = 0; i < index.size(); ++i) {
+    for (std::size_t i = 0; i < index.size(); ++i) {
         if (condition == nullptr)
             condition = index[i].condition;
     }
@@ -324,11 +324,11 @@ void CheckBufferOverrun::checkFunctionParameter(const Token &ftok, unsigned int
             return;
 
         MathLib::bigint arraySize = arrayInfo.element_size();
-        for (size_t i = 0; i < arrayInfo.num().size(); ++i)
+        for (std::size_t i = 0; i < arrayInfo.num().size(); ++i)
             arraySize *= arrayInfo.num(i);
 
         const Token *charSizeToken = nullptr;
-        if (checkMinSizes(*minsizes, &ftok, (size_t)arraySize, &charSizeToken))
+        if (checkMinSizes(*minsizes, &ftok, (std::size_t)arraySize, &charSizeToken))
             bufferOverrunError(callstack, arrayInfo.varname());
         if (charSizeToken)
             sizeArgumentAsCharError(charSizeToken);
@@ -428,7 +428,7 @@ void CheckBufferOverrun::checkFunctionParameter(const Token &ftok, unsigned int
                 MathLib::bigint arraysize = arrayInfo.element_size();
                 if (arraysize == 100) // unknown size
                     arraysize = 0;
-                for (size_t i = 0; i < arrayInfo.num().size(); i++)
+                for (std::size_t i = 0; i < arrayInfo.num().size(); i++)
                     arraysize *= arrayInfo.num(i);
 
                 if (Token::Match(tok2, "[,)]") && arraysize > 0 && argsize > arraysize)
@@ -1274,7 +1274,7 @@ void CheckBufferOverrun::checkStructVariable()
                         ArrayInfo temp = arrayInfo;
                         temp.declarationId(0); // do variable lookup by variable and member names rather than varid
                         std::string varnames; // use class and member name for messages
-                        for (unsigned int k = 0; k < varname.size(); ++k)
+						for (std::size_t k = 0; k < varname.size(); ++k)
                             varnames += (k == 0 ? "" : ".") + varname[k];
 
                         temp.varname(varnames);
@@ -1661,7 +1661,7 @@ CheckBufferOverrun::ArrayInfo CheckBufferOverrun::ArrayInfo::limit(MathLib::bigi
 {
     MathLib::bigint uvalue = std::max(MathLib::bigint(0), value);
     MathLib::bigint n = 1;
-    for (unsigned int i = 0; i < _num.size(); ++i)
+	for (std::size_t i = 0; i < _num.size(); ++i)
         n *= _num[i];
     if (uvalue > n)
         n = uvalue;
diff --git a/lib/checknullpointer.cpp b/lib/checknullpointer.cpp
index 238b3340c..1f0e61289 100644
--- a/lib/checknullpointer.cpp
+++ b/lib/checknullpointer.cpp
@@ -214,7 +214,7 @@ bool CheckNullPointer::isPointerDeRef(const Token *tok, bool &unknown)
     if (Token::Match(parent, "+|==|!=") || (parent->str() == "=" && !firstOperand)) {
         if (parent->astOperand1() == tok && parent->astOperand2())
             ovar = parent->astOperand2()->variable();
-        else if (parent->astOperand2() == tok)
+        else if (parent->astOperand1() && parent->astOperand2() == tok)
             ovar = parent->astOperand1()->variable();
     }
     if (ovar && !ovar->isPointer() && !ovar->isArray() && Token::Match(ovar->typeStartToken(), "std :: string|wstring !!::"))
diff --git a/test/testuninitvar.cpp b/test/testuninitvar.cpp
index e3f638442..9f13e4fc5 100644
--- a/test/testuninitvar.cpp
+++ b/test/testuninitvar.cpp
@@ -67,6 +67,7 @@ private:
         TEST_CASE(uninitvar2_while);
         TEST_CASE(uninitvar2_4494);      // #4494
         TEST_CASE(uninitvar2_malloc);    // malloc returns uninitialized data
+		TEST_CASE(uninitvar7); // ticket #5971
 
         TEST_CASE(syntax_error); // Ticket #5073
 
@@ -2635,6 +2636,18 @@ private:
         ASSERT_EQUALS("[test.c:4]: (error) Uninitialized variable: ab\n", errout.str());
     }
 
+	void uninitvar7() {
+        const char code[] = "void eDBauth_user()  {\n"
+        "   char *blid_cert;\n"
+        "   if(  ) {\n"
+        "        blid_cert   = ;\n"
+        "   } \n"
+		"}\n";
+
+        // Assume dfs is a non POD type if file is C++
+        checkUninitVar2(code, "test.cpp");
+	}
+
     // Handling of function calls
     void uninitvar2_func() {
         // non-pointer variable