From a5d6417ec4b5b140f2fdd9eef610b74af96d2055 Mon Sep 17 00:00:00 2001 From: chrchr-github <78114321+chrchr-github@users.noreply.github.com> Date: Thu, 8 Jan 2026 15:03:14 +0100 Subject: [PATCH 1/2] Update templatesimplifier.cpp --- lib/templatesimplifier.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/templatesimplifier.cpp b/lib/templatesimplifier.cpp index 1291993990d..349894b2b89 100644 --- a/lib/templatesimplifier.cpp +++ b/lib/templatesimplifier.cpp @@ -1153,6 +1153,8 @@ void TemplateSimplifier::useDefaultArgumentValues(TokenAndName &declaration) instantiationArgs[index].push_back(tok1); tok1 = tok1->next(); } while (tok1 && tok1 != endLink); + if (!tok1) + syntaxError(end); instantiationArgs[index].push_back(tok1); } else if (tok1->str() == "<" && (tok1->strAt(1) == ">" || (tok1->previous()->isName() && @@ -1162,6 +1164,8 @@ void TemplateSimplifier::useDefaultArgumentValues(TokenAndName &declaration) instantiationArgs[index].push_back(tok1); tok1 = tok1->next(); } while (tok1 && tok1 != endLink); + if (!tok1) + syntaxError(end); instantiationArgs[index].push_back(tok1); } else if (tok1->str() == ",") { ++index; From b8fc73847ab2c7ccb608678342e334258ca7333f Mon Sep 17 00:00:00 2001 From: chrchr-github <78114321+chrchr-github@users.noreply.github.com> Date: Thu, 8 Jan 2026 15:04:14 +0100 Subject: [PATCH 2/2] Create crash-7c3e963c9c28dab506696d0dbe8aaf8772d5302f --- .../fuzz-crash/crash-7c3e963c9c28dab506696d0dbe8aaf8772d5302f | 1 + 1 file changed, 1 insertion(+) create mode 100644 test/cli/fuzz-crash/crash-7c3e963c9c28dab506696d0dbe8aaf8772d5302f diff --git a/test/cli/fuzz-crash/crash-7c3e963c9c28dab506696d0dbe8aaf8772d5302f b/test/cli/fuzz-crash/crash-7c3e963c9c28dab506696d0dbe8aaf8772d5302f new file mode 100644 index 00000000000..ff8d3a2d0ac --- /dev/null +++ b/test/cli/fuzz-crash/crash-7c3e963c9c28dab506696d0dbe8aaf8772d5302f @@ -0,0 +1 @@ +h>teu<""e<>;templateteu=d