From 6c2b1f093d948d286f5bddd7db27d84eb660cc56 Mon Sep 17 00:00:00 2001
From: Paul Fultz II <pfultz2@yahoo.com>
Date: Fri, 21 Jan 2022 02:56:41 -0600
Subject: [PATCH] Another fix for 10728: Crash in
 CheckStl::checkDereferenceInvalidIterator2() (#3735)

* Another fix for 10728: Crash in CheckStl::checkDereferenceInvalidIterator2()

* Format
---
 lib/checkstl.cpp |  3 +++
 test/teststl.cpp | 12 ++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/lib/checkstl.cpp b/lib/checkstl.cpp
index 786529dc7..c636113f0 100644
--- a/lib/checkstl.cpp
+++ b/lib/checkstl.cpp
@@ -2332,6 +2332,9 @@ void CheckStl::checkDereferenceInvalidIterator2()
             }
             if (cValue) {
                 const ValueFlow::Value& lValue = getLifetimeIteratorValue(tok, cValue->path);
+                assert(cValue->isInconclusive() || value.isInconclusive() || lValue.isLifetimeValue());
+                if (!lValue.isLifetimeValue())
+                    continue;
                 if (emptyAdvance)
                     outOfBoundsError(emptyAdvance,
                                      lValue.tokvalue->expressionString(),
diff --git a/test/teststl.cpp b/test/teststl.cpp
index aecc12c00..17a45d270 100644
--- a/test/teststl.cpp
+++ b/test/teststl.cpp
@@ -705,6 +705,18 @@ private:
               true);
         ASSERT_EQUALS("test.cpp:4:error:Out of bounds access in expression 'd+c.length()' because 'buf' is empty.\n",
                       errout.str());
+
+        check("template<class Iterator>\n"
+              "void b(Iterator d) {\n"
+              "  std::string c = \"a\";\n"
+              "  sort(d, d + c.length());\n"
+              "}\n"
+              "void f() {\n"
+              "  std::string buf;\n"
+              "  b(buf.begin());\n"
+              "}\n",
+              true);
+        ASSERT_EQUALS("", errout.str());
     }
 
     void outOfBoundsSymbolic()