diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp
index e921e997dcc..d3fa178cc84 100644
--- a/lib/tokenize.cpp
+++ b/lib/tokenize.cpp
@@ -1253,10 +1253,9 @@ void Tokenizer::simplifyTypedefCpp()
         Token *namespaceEnd = nullptr;
 
         // check for invalid input
-        if (!tokOffset)
+        if (!tokOffset || tokOffset->isControlFlowKeyword())
             syntaxError(tok);
 
-
         if (tokOffset->str() == "::") {
             typeStart = tokOffset;
             tokOffset = tokOffset->next();
diff --git a/test/cli/fuzz-crash/crash-5db88ae1610f5a9782ea78af206f9cd87b6708dd b/test/cli/fuzz-crash/crash-5db88ae1610f5a9782ea78af206f9cd87b6708dd
new file mode 100644
index 00000000000..8026606c85c
--- /dev/null
+++ b/test/cli/fuzz-crash/crash-5db88ae1610f5a9782ea78af206f9cd87b6708dd
@@ -0,0 +1 @@
+{for(typedef;);}
\ No newline at end of file