From 87bf09c0ae5b55ae6532f38cf6f5b4881d1ae9bc Mon Sep 17 00:00:00 2001 From: amai2012 Date: Wed, 3 Jun 2015 11:39:30 +0200 Subject: [PATCH] #6751 segmentation fault (invalid code) in Tokenizer::simplifyTypedef. --- lib/tokenize.cpp | 2 ++ test/testgarbage.cpp | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp index be1756918..cde47a3e5 100644 --- a/lib/tokenize.cpp +++ b/lib/tokenize.cpp @@ -1061,7 +1061,9 @@ void Tokenizer::simplifyTypedef() // check for operator typedef /** @todo add support for multi-token operators */ else if (tok2->str() == "operator" && + tok2->next() && tok2->next()->str() == typeName->str() && + tok2->linkAt(2) && tok2->strAt(2) == "(" && Token::Match(tok2->linkAt(2), ") const| {")) { // check for qualifier diff --git a/test/testgarbage.cpp b/test/testgarbage.cpp index eeb0b77c4..e393ae881 100644 --- a/test/testgarbage.cpp +++ b/test/testgarbage.cpp @@ -112,6 +112,7 @@ private: TEST_CASE(garbageCode71); TEST_CASE(garbageCode72); TEST_CASE(garbageCode73); + TEST_CASE(garbageCode74); TEST_CASE(garbageValueFlow); TEST_CASE(garbageSymbolDatabase); @@ -625,6 +626,10 @@ private: ASSERT_THROW(checkCode("typedef int IRT[2]; IRT&"), InternalError); } + void garbageCode74() { // #6751 + checkCode("_lenraw(const char* digits) { } typedef decltype(sizeof(0)) { } operator"); + } + void garbageValueFlow() { // #6089 const char* code = "{} int foo(struct, x1, struct x2, x3, int, x5, x6, x7)\n"