From 369afde77269316594e05595aac1a78cdfe9b278 Mon Sep 17 00:00:00 2001
From: Louis-Dominique Dubeau
Date: Thu, 5 Jul 2018 14:14:45 -0400
Subject: [PATCH] fix: verify that character references match the CHAR production
---
 lib/saxes.js | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/saxes.js b/lib/saxes.js
index 8cc7d51e..e1c0143e 100644
--- a/lib/saxes.js
+++ b/lib/saxes.js
@@ -7,6 +7,7 @@ const { XML_1_0: { ED5 } } = require("xmlchars");
 const {
 regexes: {
+ CHAR,
 NAME_START_CHAR,
 NAME_CHAR,
 },
@@ -1091,7 +1092,14 @@ ${XML_NAMESPACE}.`);
 return `&${this.entity};`;
 }
- return String.fromCodePoint(num);
+ const char = String.fromCodePoint(num);
+ // The character reference is required to match the CHAR production.
+ if (!CHAR.test(char)) {
+ this.fail("Invalid character entity");
+ return `&${this.entity};`;
+ }
+
+ return char;
 }
 }
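Review bot: In the second hunk, `String.fromCodePoint(num)` still runs before the new CHAR check, and it throws a `RangeError` for any value outside 0..0x10FFFF. The guard that ends just above the added lines has its condition outside the hunk, so I cannot tell whether it already bounds `num`. If it does not, an out-of-range numeric reference in untrusted XML surfaces as an uncaught exception rather than the "Invalid character entity" failure. I would put a bound in front of the conversion, e.g. `if (num < 0 || num > 0x10FFFF) { this.fail("Invalid character entity"); return `&${this.entity};`; }`. It is also worth confirming that the imported `CHAR` regex has no `g`/`y` flag, since `.test()` would then be stateful across calls, and adding a test for references to NUL, a lone surrogate and U+FFFE, as the diffstat shows only `lib/saxes.js` changing.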