From 03f5e2b7c55c4cd7fd2d4ec07f802635049a8590 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann
Date: Sun, 19 Feb 2017 15:12:42 +0000
Subject: [PATCH] Fix out of boundary write on 1x1 terminals

If a terminal is merely 1x1 in size, setsize() will write a nul byte in front of the allocated memory, which is an out of boundary write.
---
 tload.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tload.c b/tload.c
index 6df9ef5d..5fb00506 100644
--- a/tload.c
+++ b/tload.c
@@ -71,6 +71,8 @@ static void setsize(int i)
 nrows = win.ws_row;
 }
 scr_size = nrows * ncols;
+ if (scr_size < 2)
+ xerr(EXIT_FAILURE, _("screen too small"));
 if (screen == NULL)
 screen = (char *)xmalloc(scr_size);
 else
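Review bot: The new `scr_size < 2` test runs after `scr_size = nrows * ncols`, so it only sees the product and the dimensions themselves are never bounded. `nrows` is assigned from `win.ws_row` just above, a value reported by the terminal; if `nrows`, `ncols` and `scr_size` are plain `int` (their declarations are outside the hunk), two large dimensions overflow the signed multiplication, which is undefined, and the guard then depends on the wrapped value happening to be negative. Validating before multiplying avoids that, for example `if (nrows < 1 || ncols < 1 || nrows > INT_MAX / ncols)` ahead of the assignment, with the `scr_size < 2` test kept after it. The threshold is also unexplained at the call site; a comment such as `/* need at least one cell plus the terminating nul written below */` would tie it to the write the commit message describes. setsize() starts and ends outside the hunk, so that write is not visible here and the comment wording should be checked against it.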