diff --git a/lib/libc/locale/utf8.c b/lib/libc/locale/utf8.c
index 40f0e1701bd5..ef5784a287d5 100644
--- a/lib/libc/locale/utf8.c
+++ b/lib/libc/locale/utf8.c
@@ -203,6 +203,14 @@ _UTF8_mbrtowc(wchar_t * __restrict pwc, const char * __restrict s, size_t n,
 		errno = EILSEQ;
 		return ((size_t)-1);
 	}
+	if ((wch >= 0xd800 && wch <= 0xdfff) ||
+	    wch == 0xfffe || wch == 0xffff) {
+		/*
+		 * Malformed input; invalid code points.
+		 */
+		errno = EILSEQ;
+		return ((size_t)-1);
+	}
 	if (pwc != NULL)
 		*pwc = wch;
 	us->want = 0;