From c2a90761a77b3b8b32fbe656e9fd2356911c6f4d Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Tue, 18 Sep 2018 12:02:06 +0100 Subject: [PATCH] gmarkup: Make the documentation even more explicit about untrusted input MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GMarkup is not to be used for untrusted input. It’s always been designed for parsing application-provided data files, not random stuff sent to you by an attacker. Signed-off-by: Philip Withnall --- glib/gmarkup.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/glib/gmarkup.c b/glib/gmarkup.c index 43bb0c7f8..99cabed68 100644 --- a/glib/gmarkup.c +++ b/glib/gmarkup.c @@ -45,7 +45,8 @@ * The "GMarkup" parser is intended to parse a simple markup format * that's a subset of XML. This is a small, efficient, easy-to-use * parser. It should not be used if you expect to interoperate with - * other applications generating full-scale XML. However, it's very + * other applications generating full-scale XML, and must not be used if you + * expect to parse untrusted input. However, it's very * useful for application data files, config files, etc. where you * know your application will be the only one writing the file. * Full-scale XML parsers should be able to parse the subset used by
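Review bot: The new wrapped line "* other applications generating full-scale XML, and must not be used if you" runs longer than the surrounding comment lines in this block, which wrap at roughly 70 columns; re-wrapping the sentence across the two new lines (for example ending the first line after "full-scale XML, and must not" and starting the second with "be used if you expect to parse untrusted input.") would keep the paragraph consistent. Separately, the hunk states the prohibition without saying why: the commit message gives the reason (the parser was designed for application-provided data files, not data sent by an attacker), and carrying that one-sentence rationale into the doc comment would make the "must not" easier for readers to act on, since the remaining text still reads as if interoperability were the only concern.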