Check the x argument to check_boundary() more carefully.

This is a minimal fix for CVE-2015-5309, and while it's probably
unnecessary now, it seems worth committing for defence in depth and to
give downstreams something reasonably non-intrusive to cherry-pick.

diff --git a/terminal.c b/terminal.c
index c7e2647e8971adbf08d039d83cd96f59c080c9a2..ae85eb58a6a892d2a26c16788707fd6027af70ec 100644 (file)
--- a/terminal.c
+++ b/terminal.c
@@ -2344,7 +2344,7 @@ static void check_boundary(Terminal *term, int x, int y)
     termline *ldata;
 
     /* Validate input coordinates, just in case. */
-    if (x == 0 || x > term->cols)
+    if (x <= 0 || x > term->cols)
        return;
 
     ldata = scrlineptr(y);