Report

CVE-2022-40304: libxml2 dict corruption from entity reference cycles


CVE-2022-40304 in libxml2 v2.9.14: dictionary corruption caused by entity reference cycles. When parsing crafted XML that contains an entity loop (e.g. ), xmlParserEntityCheck in parser.c writes ent->content[0] = 0; (line 167) to invalidate the looped entity's content. However, xmlCreateEntity in entities.c (lines 187-189) stores short entity content (length < 5) in the document dictionary via xmlDictLookup, which returns shared, interned strings that are meant to be immutable. Writing a zero byte into a dict-owned string corrupts the dictionary's hash buckets, causing logic errors, double frees, and use-after-free during subsequent dict lookups or cleanup.
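To illustrate the mechanism, here is an added example (not libxml2's code) built around a toy interning dictionary modelled on the behaviour described above. The vulnerable pattern aliases short entity content to the dict-owned string, so the cycle-breaking zero write corrupts the dictionary; the hardened pattern gives each entity its own copy, mirroring the upstream fix of no longer interning entity content. All names (dict_lookup, entity_create_shared, entity_create_owned, invalidate_on_cycle) are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Toy interning dictionary: strings are hashed by content into buckets
 * and the same shared buffer is returned for equal inputs. */
#define NBUCKETS 8
typedef struct entry { char *str; size_t len; struct entry *next; } entry_t;
typedef struct { entry_t *buckets[NBUCKETS]; } dict_t;

static unsigned hash_bytes(const char *s, size_t len) {
    unsigned h = 5381;
    for (size_t i = 0; i < len; i++) h = h * 33 + (unsigned char)s[i];
    return h % NBUCKETS;
}

static char *dup_bytes(const char *s, size_t len) {
    char *p = malloc(len + 1); memcpy(p, s, len); p[len] = 0; return p;
}

/* Like xmlDictLookup: returns the shared, dict-owned copy of s. */
const char *dict_lookup(dict_t *d, const char *s, size_t len) {
    unsigned b = hash_bytes(s, len);
    for (entry_t *e = d->buckets[b]; e; e = e->next)
        if (e->len == len && memcmp(e->str, s, len) == 0) return e->str;
    entry_t *e = malloc(sizeof *e);
    e->str = dup_bytes(s, len); e->len = len;
    e->next = d->buckets[b]; d->buckets[b] = e;
    return e->str;
}

/* Integrity check: every entry must still hash to its bucket and keep its
 * recorded length. Returns 1 if the dictionary is consistent, 0 if not. */
int dict_consistent(const dict_t *d) {
    for (unsigned b = 0; b < NBUCKETS; b++)
        for (entry_t *e = d->buckets[b]; e; e = e->next)
            if (hash_bytes(e->str, e->len) != b || strlen(e->str) != e->len) return 0;
    return 1;
}

typedef struct { char *content; int owned; } entity_t;

/* Vulnerable pattern (entities.c 187-189): content shorter than 5 bytes
 * aliases the dict-owned string instead of getting a private copy. */
entity_t entity_create_shared(dict_t *d, const char *content) {
    size_t len = strlen(content); entity_t ent;
    if (len < 5) { ent.content = (char *)dict_lookup(d, content, len); ent.owned = 0; }
    else { ent.content = dup_bytes(content, len); ent.owned = 1; }
    return ent;
}

/* Hardened pattern: the entity always owns a private copy of its content. */
entity_t entity_create_owned(const char *content) {
    entity_t ent; ent.content = dup_bytes(content, strlen(content)); ent.owned = 1;
    return ent;
}

/* The cycle-breaking step from xmlParserEntityCheck (parser.c 167). */
void invalidate_on_cycle(entity_t *ent) { ent->content[0] = 0; }
```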
