diff --git a/lib/checkbufferoverrun.cpp b/lib/checkbufferoverrun.cpp
index baf09503b..2f3ae2e8c 100644
--- a/lib/checkbufferoverrun.cpp
+++ b/lib/checkbufferoverrun.cpp
@@ -517,7 +517,7 @@ void CheckBufferOverrun::checkScope(const Token *tok, const std::vectorisEnabled("portability");
- for (const Token* const end = tok->scope()->classEnd; tok != end; tok = tok->next()) {
+ for (const Token* const end = tok->scope()->classEnd; tok && tok != end; tok = tok->next()) {
 if (declarationId != 0 && Token::Match(tok, "%varid% = new|malloc|realloc", declarationId)) {
 // Abort
 break;
diff --git a/test/testbufferoverrun.cpp b/test/testbufferoverrun.cpp
index 3c3ad8577..c366fc61e 100644
--- a/test/testbufferoverrun.cpp
+++ b/test/testbufferoverrun.cpp
@@ -316,6 +316,8 @@ private:
 TEST_CASE(writeOutsideBufferSize)
 TEST_CASE(negativeMemoryAllocationSizeError) // #389
+
+ TEST_CASE(garbage1) // #6303
 }
@@ -4262,6 +4264,14 @@ private:
 "}\n");
 ASSERT_EQUALS("[test.cpp:4]: (error) Memory allocation size is negative.\n", errout.str());
 }
+
+ void garbage1() {
+ check("void foo() {\n"
+ "char *a = malloc(10);\n"
+ "a[0]\n"
+ "}\n");
+ ASSERT_EQUALS("", errout.str());
+ }
 };
 REGISTER_TEST(TestBufferOverrun)
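Review bot: The loop initializer still dereferences `tok->scope()->classEnd` unchecked, so the added `tok &&` test in the condition cannot protect against a null `tok` or a null scope on entry. Whether callers rule that out is not visible here, because checkScope's body starts and ends outside the hunk. Reaching a null `tok` also means the scan has already gone past `end`, presumably because something in the loop body advances `tok` over it on malformed input. In that case the loop keeps examining tokens outside the array's scope until the list runs out, which may yield diagnostics for unrelated code. A comment on the loop such as `// tok can run past classEnd on garbage code (#6303); stop at the end of the token list` would record why the guard exists, and stopping as soon as the scope end has been passed would be the stricter fix.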
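Review bot: garbage1 in test/testbufferoverrun.cpp has no comment saying what it guards against, and the name alone does not tell a later reader that it is a crash regression rather than a diagnostics check. A line above the `check(` call such as `// #6303 - statement without ';' must not crash the buffer overrun check` would tie it to the loop guard added in lib/checkbufferoverrun.cpp. The `ASSERT_EQUALS("", errout.str())` additionally pins that no diagnostic is emitted for the truncated `a[0]` statement; if that is intended rather than incidental, the comment should say so.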