fix: verify that character references match the CHAR production

rubensworks · Jul 5, 2018 · 369afde · 369afde
1 parent 2c939fe
commit 369afde
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/lib/saxes.js b/lib/saxes.js
@@ -7,6 +7,7 @@ const { XML_1_0: { ED5 } } = require("xmlchars");
 
 const {
   regexes: {
+    CHAR,
     NAME_START_CHAR,
     NAME_CHAR,
   },
@@ -1091,7 +1092,14 @@ ${XML_NAMESPACE}.`);
       return `&${this.entity};`;
     }
 
-    return String.fromCodePoint(num);
+    const char = String.fromCodePoint(num);
+    // The character reference is required to match the CHAR production.
+    if (!CHAR.test(char)) {
+      this.fail("Invalid character entity");
+      return `&${this.entity};`;
+    }
+
+    return char;
   }
 }