Fixed uninitialized variable FP after realloc if it fails. Related with ticket: #5240

lib/checkuninitvar.cpp

@@ -614,6 +614,8 @@ private:
             if (Token::Match(&tok, "free|kfree|fclose ( %var% )") ||
                 Token::Match(&tok, "realloc ( %var%")) {
                 dealloc_pointer(checks, tok.tokAt(2));
+                if (tok.str() == "realloc")
+                    ExecutionPath::bailOutVar(checks, tok.tokAt(2)->varId());
                 return tok.tokAt(3);
             }
 

test/testuninitvar.cpp

@@ -106,6 +106,13 @@ private:
                        "}");
         ASSERT_EQUALS("[test.cpp:3]: (error) Uninitialized variable: p\n", errout.str());
 
+        checkUninitVar("void foo() {\n" // #5240
+                       "    char *p = malloc(100);\n"
+                       "    char *tmp = realloc(p,1000);\n"
+                       "    if (!tmp) free(p);\n"
+                       "}");
+        ASSERT_EQUALS("", errout.str());
+
         checkUninitVar("void foo() {\n"
                        "    int *p = NULL;\n"
                        "    realloc(p,10);\n"