From 1dac1664be15bd824479367d038221328c4b06e9 Mon Sep 17 00:00:00 2001 From: Alexander Mai Date: Tue, 26 Jan 2016 19:12:57 +0100 Subject: [PATCH] 7357 segmentation fault in TokenList::insertTokens --- lib/tokenize.cpp | 2 ++ test/testgarbage.cpp | 12 +++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp index 1980a9af7..40d974a9a 100644 --- a/lib/tokenize.cpp +++ b/lib/tokenize.cpp @@ -5597,6 +5597,8 @@ void Tokenizer::simplifyVarDecl(Token * tokBegin, Token * tokEnd, bool only_k_r_ const Token *varTok = type0->tokAt((int)typelen); while (Token::Match(varTok, "*|&|const")) varTok = varTok->next(); + if (!varTok) + syntaxError(tok2); // invalid code list.insertTokens(eq, varTok, 2); eq->str(";"); diff --git a/test/testgarbage.cpp b/test/testgarbage.cpp index d13e91142..d7ca9d6ea 100644 --- a/test/testgarbage.cpp +++ b/test/testgarbage.cpp @@ -220,6 +220,7 @@ private: TEST_CASE(garbageCode169); // #6731 TEST_CASE(garbageCode170); TEST_CASE(garbageCode171); + TEST_CASE(garbageCode172); TEST_CASE(garbageValueFlow); TEST_CASE(garbageSymbolDatabase); TEST_CASE(garbageAST); @@ -228,10 +229,10 @@ private: std::string checkCode(const char code[], bool cpp = true) { // double the tests - run each example as C as well as C++ - const char* filename = cpp ? "test.cpp" : "test.c"; - const char* alternatefilename = cpp ? "test.c" : "test.cpp"; + const char* const filename = cpp ? "test.cpp" : "test.c"; + const char* const alternatefilename = cpp ? "test.c" : "test.cpp"; - // run alternate check first. It should only ensure stability + // run alternate check first. It should only ensure stability - so we catch exceptions here. try { checkCodeInternal(code, alternatefilename); } catch (InternalError&) { @@ -1448,6 +1449,11 @@ private: ASSERT_THROW(checkCode("(){case()?():}:", false), InternalError); } + void garbageCode172() { + // #7357 + ASSERT_THROW(checkCode("p>,"), InternalError); + } + }; REGISTER_TEST(TestGarbage)