diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 81f3ccb657e8c61f6cfb0dd06d793d912b1c5661..0b657f68aa1d8ec1d0b77ec094b9423e3cc77c51 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -7331,6 +7331,10 @@ static int get_refer_info(struct sip_pvt *transferer, struct sip_request *outgoi
 			if ((ptr = strchr(referdata->replaces_callid, ';'))) 	/* Remove options */ {
 				*ptr = '\0';
 			}
+			/*
+			 * XXX don't know what was the intention but this code is
+			 * definitely wrong, as ptr can be NULL here.
+			 */
 			ptr++;
 
 			/* Find the different tags before we destroy the string */