diff --git a/lib/templatesimplifier.cpp b/lib/templatesimplifier.cpp
index 458dbf020b1..8464d1f944a 100644
--- a/lib/templatesimplifier.cpp
+++ b/lib/templatesimplifier.cpp
@@ -1508,7 +1508,8 @@ bool TemplateSimplifier::getTemplateNamePositionTemplateClass(const Token *tok,
 
 int TemplateSimplifier::getTemplateNamePosition(const Token *tok)
 {
-    assert(tok && tok->str() == ">");
+    if (!tok || tok->str() != ">")
+        syntaxError(tok);
 
     auto it = mTemplateNamePos.find(tok);
     if (!mSettings.debugtemplate && it != mTemplateNamePos.end()) {
diff --git a/lib/tokenize.cpp b/lib/tokenize.cpp
index 6b8142f154a..9f2ae419ed4 100644
--- a/lib/tokenize.cpp
+++ b/lib/tokenize.cpp
@@ -8644,6 +8644,8 @@ void Tokenizer::findGarbageCode() const
             syntaxError(tok, tok->str() + " " + tok->strAt(1));
         if (Token::simpleMatch(tok, "::") && (!Token::Match(tok->next(), "%name%|*|~") || (tok->next()->isKeyword() && tok->strAt(1) != "operator")))
             syntaxError(tok);
+        if (Token::Match(tok, "& %comp%|&&|%oror%|&|%or%") && tok->strAt(1) != ">")
+            syntaxError(tok);
     }
 
     // ternary operator without :
diff --git a/test/cli/fuzz-crash/crash-3997cb1cad0af26035d36ca1a01ece07ca3fd114 b/test/cli/fuzz-crash/crash-3997cb1cad0af26035d36ca1a01ece07ca3fd114
new file mode 100644
index 00000000000..fe21ddcbfa4
--- /dev/null
+++ b/test/cli/fuzz-crash/crash-3997cb1cad0af26035d36ca1a01ece07ca3fd114
@@ -0,0 +1 @@
+b=1;t o(){& &&&}
\ No newline at end of file
diff --git a/test/cli/fuzz-crash/crash-9a91d3da4e19336af500b94b2405831ed0fc1585 b/test/cli/fuzz-crash/crash-9a91d3da4e19336af500b94b2405831ed0fc1585
new file mode 100644
index 00000000000..fac1475e560
--- /dev/null
+++ b/test/cli/fuzz-crash/crash-9a91d3da4e19336af500b94b2405831ed0fc1585
@@ -0,0 +1 @@
+template<>>a{}
\ No newline at end of file