[v2.4] libXp <= 1.0.1 CVE-2013-2062

(from redmine: issue id 1954, created on 2013-05-23, closed on 2013-05-29)

main/libxp: fix CVE-2013-2062

ref #1931
fixes #1954

(cherry picked from commit 596f76568714ab83fed8fef00c69f6493e6996e3)