diff --git a/ChangeLog b/ChangeLog
index 82630e530..c581b8679 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2007-04-30  Peter Stephenson  <pws@csr.com>
+
+	* 23339: Src/mem.c: make malloc(0) allocate a single byte
+	instead of returning invalid (and unfreeable) memory.
+
 2007-04-27  Peter Stephenson  <pws@csr.com>
 
 	* 23337: Src/Zle/compctl.c: argument to stat() wasn't
diff --git a/Src/mem.c b/Src/mem.c
index afc008cd7..448c4aad9 100644
--- a/Src/mem.c
+++ b/Src/mem.c
@@ -830,10 +830,26 @@ malloc(MALLOC_ARG_T size)
 #endif
 
     /* some systems want malloc to return the highest valid address plus one
-       if it is called with an argument of zero */
+       if it is called with an argument of zero.
+    
+       TODO: really?  Suppose we allocate more memory, so
+       that this is now in bounds, then a more rational application
+       that thinks it can free() anything it malloc'ed, even
+       of zero length, calls free for it?  Aren't we in big
+       trouble?  Wouldn't it be safer just to allocate some
+       memory anyway?
+
+       If the above comment is really correct, then at least
+       we need to check in free() if we're freeing memory
+       at m_high.
+    */
 
     if (!size)
+#if 1
+	size = 1;
+#else
 	return (MALLOC_RET_T) m_high;
+#endif
 
     queue_signals();  /* just queue signals rather than handling them */