parser: Increase XML_MAX_DICTIONARY_LIMIT

This limit is somewhat arbitrary and can be reached when fuzzing
documents up to 1 MB.

Increase limit to 100 MB and disable limit if XML_PARSE_HUGE is set.

include/libxml/parserInternals.h

@@ -71,7 +71,7 @@ XMLPUBVAR const unsigned int xmlParserMaxDepth;
  * use XML_PARSE_HUGE option to override it.
  * Introduced in 2.9.0
  */
-#define XML_MAX_DICTIONARY_LIMIT 10000000
+#define XML_MAX_DICTIONARY_LIMIT 100000000
 
 /**
  * XML_MAX_LOOKUP_LIMIT:

parser.c

@@ -973,6 +973,11 @@ xmlCtxtInitializeLate(xmlParserCtxtPtr ctxt) {
 		(ctxt->str_xml_ns == NULL)) {
         xmlErrMemory(ctxt);
     }
+
+    xmlDictSetLimit(ctxt->dict,
+                    (ctxt->options & XML_PARSE_HUGE) ?
+                        0 :
+                        XML_MAX_DICTIONARY_LIMIT);
 }
 
 typedef struct {

parserInternals.c

@@ -2696,7 +2696,6 @@ xmlInitSAXParserCtxt(xmlParserCtxtPtr ctxt, const xmlSAXHandler *sax,
 	ctxt->dict = xmlDictCreate();
     if (ctxt->dict == NULL)
 	return(-1);
-    xmlDictSetLimit(ctxt->dict, XML_MAX_DICTIONARY_LIMIT);
 
     if (ctxt->sax == NULL)
 	ctxt->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));