diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp
index c68de76d6..ded3a56e7 100644
--- a/lib/tokenize.cpp
+++ b/lib/tokenize.cpp
@@ -1396,6 +1396,10 @@ void Tokenizer::simplifyTypedef()
 
 // skip over variable name if there
 if (!inCast) {
+ if (!tok2 || !tok2->next()) {
+ syntaxError(nullptr);
+ return;
+ }
 if (tok2->next()->str() != ")")
 tok2 = tok2->next();
 }
diff --git a/test/testgarbage.cpp b/test/testgarbage.cpp
index ca2e23cf8..03ac3e1c4 100644
--- a/test/testgarbage.cpp
+++ b/test/testgarbage.cpp
@@ -1,3 +1,4 @@
+
 /*
 * Cppcheck - A tool for static C/C++ code analysis
 * Copyright (C) 2007-2015 Daniel Marjamäki and Cppcheck team.
@@ -123,6 +124,7 @@ private:
 TEST_CASE(garbageCode82);
 TEST_CASE(garbageCode83);
 TEST_CASE(garbageCode84);
+ TEST_CASE(garbageCode85);
 
 TEST_CASE(garbageValueFlow);
 TEST_CASE(garbageSymbolDatabase);
@@ -681,6 +683,10 @@ private:
 checkCode("int main ( [ ] ) { " " [ ] ; int i = 0 ; do { } ; } ( [ ] ) { }"); // do not crash
 }
 
+ void garbageCode85() { // #6784
+ ASSERT_THROW(checkCode("{ } { } typedef void ( *VoidFunc() ) ( ) ; VoidFunc"), InternalError); // do not crash
+ }
+
 void garbageValueFlow() {
 // #6089
 const char* code = "{} int foo(struct, x1, struct x2, x3, int, x5, x6, x7)\n"
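Review bot: The added guard in simplifyTypedef() calls `syntaxError(nullptr)`, which drops the token position even when `tok2` is valid and only `tok2->next()` is null. Passing the token keeps the location in the diagnostic and is equivalent when `tok2` itself is null: `syntaxError(tok2);`. The test added in this commit expects an InternalError, which suggests syntaxError() throws, so the `return;` after it is presumably unreachable; a short comment such as `// syntaxError() throws; return kept as a safety net` would make that explicit. The guard covers only the `!inCast` branch and the function continues outside this hunk, so later dereferences of `tok2` on the cast path should be checked for the same end-of-token-list condition, since this code parses arbitrary, possibly malformed, source files.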
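Review bot: The trailing comment on the ASSERT_THROW line in garbageCode85(), `// do not crash`, is carried over from the neighbouring checkCode-only tests and understates what this test pins, which is that an InternalError is raised. A comment like `// truncated typedef: must raise InternalError instead of dereferencing a null token` describes the contract being asserted. The input ends right after the typedef name, so it likely exercises only one of the two conditions in the new guard; a second input covering the other condition would pin both. The enclosing test class starts and ends outside this hunk.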