From 78932094c8b62e29eab39743c09f1835f7d538c8 Mon Sep 17 00:00:00 2001
From: PKEuS <philipp.kloke@web.de>
Date: Sun, 31 Aug 2014 12:12:03 +0200
Subject: [PATCH] Fixed crash on garbage code #6106

---
 lib/valueflow.cpp      | 2 ++
 test/testvalueflow.cpp | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index a1cd35a92..5684aac03 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -1413,6 +1413,8 @@ static void valueFlowForLoop(TokenList *tokenlist, ErrorLogger *errorLogger, con
             continue;
 
         Token * const bodyStart = tok->linkAt(1)->next();
+        if (!bodyStart->link() || bodyStart->str() != "{")
+            continue;
 
         unsigned int varid(0);
         MathLib::bigint num1(0), num2(0), numAfter(0);
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 664d7dac4..5dfa71c2c 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
@@ -1263,6 +1263,10 @@ private:
                            "    (foo(s, , 2, , , 5, , 7)) abort()\n"
                            "}\n";
         ASSERT_THROW(valueOfTok(code, "*"), InternalError);
+
+        // #6106
+        code = " f { int i ; b2 , [ ] ( for ( i = 0 ; ; ) ) }";
+        valueOfTok(code, "*");
     }
 };