[CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking

Fixes a use-after-free if XML Reader if used with DTD validation and
XInclude expansion.

Fixes #604.

xmlreader.c

@@ -1378,6 +1378,7 @@ node_found:
      * Handle XInclude if asked for
      */
     if ((reader->xinclude) && (reader->in_xinclude == 0) &&
+        (reader->state != XML_TEXTREADER_BACKTRACK) &&
         (reader->node != NULL) &&
 	(reader->node->type == XML_ELEMENT_NODE) &&
 	(reader->node->ns != NULL) &&