From d3546ea410d4151e6ae33c07f1490615344874c4 Mon Sep 17 00:00:00 2001 From: Alexander Mai Date: Wed, 3 Feb 2016 22:49:57 +0100 Subject: [PATCH] #7321 segmentation fault in valueFlowSwitchVariableScope::isVariableDeclaration --- lib/checkuninitvar.cpp | 2 +- lib/symboldatabase.cpp | 4 ++-- test/testgarbage.cpp | 5 +++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/lib/checkuninitvar.cpp b/lib/checkuninitvar.cpp index a8a33141a..37b4377ca 100644 --- a/lib/checkuninitvar.cpp +++ b/lib/checkuninitvar.cpp @@ -39,7 +39,7 @@ namespace { static const struct CWE CWE676(676U); static const struct CWE CWE908(908U); static const struct CWE CWE825(825U); - + void CheckUninitVar::check() { diff --git a/lib/symboldatabase.cpp b/lib/symboldatabase.cpp index 4052c56e3..77938219e 100644 --- a/lib/symboldatabase.cpp +++ b/lib/symboldatabase.cpp @@ -3027,13 +3027,13 @@ bool Scope::isVariableDeclaration(const Token* const tok, const Token*& vartok, if (localVarTok->str() == "const") localVarTok = localVarTok->next(); - if (Token::Match(localVarTok, "%name% ;|=") || (localVarTok->varId() && localVarTok->strAt(1) == ":")) { + if (Token::Match(localVarTok, "%name% ;|=") || (localVarTok && localVarTok->varId() && localVarTok->strAt(1) == ":")) { vartok = localVarTok; typetok = localTypeTok; } else if (Token::Match(localVarTok, "%name% )|[") && localVarTok->str() != "operator") { vartok = localVarTok; typetok = localTypeTok; - } else if (localVarTok->varId() && Token::Match(localVarTok, "%name% (|{") && + } else if (localVarTok && localVarTok->varId() && Token::Match(localVarTok, "%name% (|{") && Token::Match(localVarTok->next()->link(), ")|} ;")) { vartok = localVarTok; typetok = localTypeTok; diff --git a/test/testgarbage.cpp b/test/testgarbage.cpp index 00b8076b9..f73cf01c6 100644 --- a/test/testgarbage.cpp +++ b/test/testgarbage.cpp @@ -225,6 +225,7 @@ private: TEST_CASE(garbageCode174); // #7356 TEST_CASE(garbageCode175); TEST_CASE(garbageCode176); + TEST_CASE(garbageCode177); TEST_CASE(garbageValueFlow); TEST_CASE(garbageSymbolDatabase); TEST_CASE(garbageAST); @@ -1479,6 +1480,10 @@ private: void garbageCode176() { // #7527 checkCode("class t { { struct } enum class f : unsigned { q } b ; operator= ( T ) { switch ( b ) { case f::q: } } { assert ( b ) ; } } { ; & ( t ) ( f::t ) ; } ;"); } + + void garbageCode177() { // #7321 + checkCode("{(){(())}}r&const"); + } }; REGISTER_TEST(TestGarbage)