From 5dd52182972a35f2251a07784eda35d3d52d3e07 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Tue, 1 Mar 2022 23:02:34 +0100
Subject: [PATCH] lib: Document namespace separator effect right in header
 <expat.h>

---
 expat/lib/expat.h | 5 +++++
 1 file changed, 5 insertions(+)

--- a/lib/expat.h
+++ b/lib/expat.h
@@ -227,6 +227,12 @@ XML_ParserCreate(const XML_Char *encodin
    It is a programming error to use the separator '\0' with namespace
    triplets (see XML_SetReturnNSTriplet).
 
+   If a namespace separator is chosen that can be part of a URI or
+   part of an XML name, splitting an expanded name back into its
+   1, 2 or 3 original parts on application level in the element handler
+   may end up vulnerable, so these are advised against;  sane choices for
+   a namespace separator are e.g. '\n' (line feed) and '|' (pipe).
+
    Note that Expat does not validate namespace URIs (beyond encoding)
    against RFC 3986 today (and is not required to do so with regard to
    the XML 1.0 namespaces specification) but it may start doing that