The DTDScanner fails to account for the fact that peeking characters in
the XMLReader class can raise an exception if an invalid character is
encountered, and the exception crosses stack frames in an unsafe way
that causes a higher level exception handler to access an already-freed
object.