diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index 7899ae4bf..bddf1fdb2 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -1858,6 +1858,13 @@ private:
 return &tok;
 }
+ // Assign variable (unknown value = 0)..
+ if (Token::Match(tok.tokAt(-2), "(|, & %var% ,|)"))
+ {
+ assign_value(checks, tok.varId(), "0");
+ return &tok;
+ }
+
 // Array index..
 if (Token::Match(&tok, "%var% [ %var% ]"))
 {
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 65f5aaaf8..6a1cb8522 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -172,6 +172,7 @@ private:
 TEST_CASE(crash); // Ticket #1587 - crash
 TEST_CASE(executionPaths1);
+ TEST_CASE(executionPaths2);
 TEST_CASE(cmdLineArgs1);
 }
@@ -2323,6 +2324,18 @@ private:
 ASSERT_EQUALS("[test.cpp:7]: (error) Array 'buf[10][5]' index 1000 out of bounds\n", errout.str());
 }
+ void executionPaths2()
+ {
+ epcheck("void foo()\n"
+ "{\n"
+ " char a[64];\n"
+ " int sz = sizeof(a);\n"
+ " bar(&sz);\n"
+ " a[sz] = 0;\n"
+ "}\n");
+ ASSERT_EQUALS("", errout.str());
+ }
+
 void cmdLineArgs1()
 {
 check("int main(int argc, char* argv[])\n"
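Review bot: The branch added before `// Array index..` records "value unknown" as the literal string `"0"`, so after `bar(&sz)` the tracker appears unable to tell an escaped variable from one that really holds zero, and later indexing through it is presumably treated as in bounds. For a buffer-overrun check that is a deliberate false-negative trade-off, and the comment should say so, e.g. `// Address passed to a call: callee may write any value, so stop tracking ("0" = unknown; later out-of-bounds use of this variable is not reported)`. The pattern is anchored only on a preceding `(` or `,`, so it likely also fires on parenthesised expressions that are not call arguments, and `%var%` may match a name with no variable id; consider `if (tok.varId() != 0 && Token::Match(tok.tokAt(-2), "(|, & %var% ,|)"))`. The enclosing function begins and ends outside this hunk.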
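Review bot: `executionPaths2` asserts only that `errout` is empty, so it would still pass if the new address-of branch made the checker drop tracking far more broadly than intended. A companion case in the same test would pin the boundary, for example the same body with `bar(&other);` in place of `bar(&sz);`, where the `a[sz]` write should presumably still be reported. A one-line comment above the `epcheck` call would also help, `// address of sz is passed to bar(), so its value is unknown afterwards`. The test class continues outside this hunk.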