* src/cff/cffload.c (cff_load_private_dict): Always init `blend'.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=295

ChangeLog

@@ -1,3 +1,11 @@
+2016-12-17  Werner Lemberg  <wl@gnu.org>
+
+	* src/cff/cffload.c (cff_load_private_dict): Always init `blend'.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=295
+
 2016-12-16  Werner Lemberg  <wl@gnu.org>
 
 	[truetype] Fix `cvar' sanity test.

src/cff/cffload.c

@@ -1843,13 +1843,14 @@
     FT_UInt          stackSize;
 
 
-    if ( !top->private_offset || !top->private_size )
-      goto Exit2;       /* no private DICT, do nothing */
-
-    /* store handle needed to access memory, vstore for blend */
+    /* store handle needed to access memory, vstore for blend;    */
+    /* we need this for clean-up even if there is no private DICT */
     subfont->blend.font   = font;
     subfont->blend.usedBV = FALSE;  /* clear state */
 
+    if ( !top->private_offset || !top->private_size )
+      goto Exit2;       /* no private DICT, do nothing */
+
     /* set defaults */
     FT_ZERO( priv );