From a7703425936bac9badf924428507f5bb1495541c Mon Sep 17 00:00:00 2001
From: Paul Fultz II <pfultz2@yahoo.com>
Date: Sat, 19 Dec 2020 05:23:19 -0600
Subject: [PATCH] Fix crash in getInitListSize (#2960)

---
 lib/valueflow.cpp      |  8 ++++----
 test/testvalueflow.cpp | 10 ++++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/lib/valueflow.cpp b/lib/valueflow.cpp
index fc62d90c4..f27e97e70 100644
--- a/lib/valueflow.cpp
+++ b/lib/valueflow.cpp
@@ -5978,10 +5978,10 @@ static void valueFlowIteratorInfer(TokenList *tokenlist, const Settings *setting
     }
 }
 
-static std::vector<ValueFlow::Value> getInitListSize(const Token* tok)
+static std::vector<ValueFlow::Value> getInitListSize(const Token* tok, const Library::Container *container)
 {
     std::vector<const Token*> args = getArguments(tok);
-    if ((args.size() == 1 && astIsContainer(args[0]) && args[0]->valueType()->container == tok->valueType()->container) ||
+    if ((args.size() == 1 && astIsContainer(args[0]) && args[0]->valueType()->container == container) ||
         (args.size() == 2 && astIsIterator(args[0]) && astIsIterator(args[1]))) {
         std::vector<ValueFlow::Value> values;
         std::copy_if(args[0]->values().begin(),
@@ -6021,7 +6021,7 @@ static void valueFlowContainerSize(TokenList *tokenlist, SymbolDatabase* symbold
                 continue;
         } else if (Token::simpleMatch(var->nameToken()->next(), "{")) {
             const Token* initList = var->nameToken()->next();
-            values = getInitListSize(initList);
+            values = getInitListSize(initList, var->valueType()->container);
         }
         for (const ValueFlow::Value& value : values)
             valueFlowContainerForward(var->nameToken()->next(), var, value, tokenlist);
@@ -6041,7 +6041,7 @@ static void valueFlowContainerSize(TokenList *tokenlist, SymbolDatabase* symbold
             } else if (Token::Match(tok, "%name%|;|{|}|> %var% = {") && Token::simpleMatch(tok->linkAt(3), "} ;")) {
                 const Token* containerTok = tok->next();
                 if (astIsContainer(containerTok)) {
-                    std::vector<ValueFlow::Value> values = getInitListSize(tok->tokAt(3));
+                    std::vector<ValueFlow::Value> values = getInitListSize(tok->tokAt(3), containerTok->valueType()->container);
                     for (const ValueFlow::Value& value : values)
                         valueFlowContainerForward(containerTok->next(), containerTok->variable(), value, tokenlist);
                 }
diff --git a/test/testvalueflow.cpp b/test/testvalueflow.cpp
index 7f4809e8b..ccc2ab1e7 100644
--- a/test/testvalueflow.cpp
+++ b/test/testvalueflow.cpp
@@ -4968,6 +4968,16 @@ private:
                "    }\n"
                "}\n";
         valueOfTok(code, "a");
+
+        code = "class A{\n"
+               "  void f() {\n"
+               "    std::string c{s()};\n"
+               "  }\n"
+               "  std::string s() {\n"
+               "    return \"\";\n"
+               "  }\n"
+               "};\n";
+        valueOfTok(code, "c");
     }
 
     void valueFlowHang() {