From 86784d779487f717829d08279dd4d206c88e3c84 Mon Sep 17 00:00:00 2001
From: Craig Bester <me@craigbester.com>
Date: Thu, 19 Oct 2023 00:40:20 +0200
Subject: [PATCH] Reject unterminated ampersand entities

---
 instant-xml/src/impls.rs | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/instant-xml/src/impls.rs b/instant-xml/src/impls.rs
index c5b97fc..d02a837 100644
--- a/instant-xml/src/impls.rs
+++ b/instant-xml/src/impls.rs
@@ -599,6 +599,13 @@ pub(crate) fn decode(input: &str) -> Result<Cow<'_, str>, Error> {
         };
     }
 
+    // Unterminated entity (& without ;) at end of input
+    if let DecodeState::Entity(chars, len) = state {
+        return Err(Error::InvalidEntity(
+            String::from_utf8_lossy(&chars[..len]).into_owned(),
+        ));
+    }
+
     Ok(match result.is_empty() {
         true => Cow::Borrowed(input),
         false => {
@@ -863,6 +870,9 @@ mod tests {
         assert_eq!(decode("&amp; foo").unwrap(), "& foo");
         assert_eq!(decode("foo &amp;").unwrap(), "foo &");
         assert_eq!(decode("cbdtéda&amp;sü").unwrap(), "cbdtéda&sü");
+        assert!(decode("&").is_err());
+        assert!(decode("foo&").is_err());
+        assert!(decode("&bar").is_err());
         assert!(decode("&foo;").is_err());
         assert!(decode("&foobar;").is_err());
         assert!(decode("cbdtéd&ampü").is_err());