[gx] Keep variation store consistent

tt_var_load_item_variation_store fills out a GX_ItemVarStore. While
it may return an error, the item store must be left in a consistent
state so that any use or destruction of the item store can properly use
or free the data in it. Before this change the counts from the font data
were read directly into the item store before the actual allocation of
the arrays to which they referred. There exist many opportunities
between the time the counts are read and the arrays are allocated to
return early due to invalid data. When this happened the item store
claimed to have entries it actually did not, leading to crashes later
when it was used.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54449
- src/truetype/ttgxvar.c (tt_var_load_item_variation_store): read the counts into locals and store them in the item store only after the related arrays are actually created on the item store.
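The pattern the commit describes, as an added illustration that is not FreeType's code: the struct, the byte layout, and every function name below are invented for this note, and the "before" and "after" loaders differ only in when the counts are written into the store.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for a GX_ItemVarStore-like record, written for this note; not
   FreeType's.  Constructed input: u16 regionCount, u16 dataCount, then that many u16 each. */
typedef struct {
    uint32_t  regionCount;
    uint32_t *regionAxes;   /* regionCount entries, or NULL */
    uint32_t  dataCount;
    uint32_t *dataItems;    /* dataCount entries, or NULL */
} ItemStore;

static uint16_t read_u16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Invariant every consumer relies on: a nonzero count means the array exists. */
int item_store_consistent(const ItemStore *s)
{ return (s->regionCount == 0 || s->regionAxes) && (s->dataCount == 0 || s->dataItems); }

/* A consumer that trusts the counts; this is what crashed on the old path. */
uint32_t item_store_sum(const ItemStore *s)
{
    uint32_t i, sum = 0;
    for (i = 0; i < s->regionCount; i++) sum += s->regionAxes[i];
    for (i = 0; i < s->dataCount;   i++) sum += s->dataItems[i];
    return sum;
}

void item_store_destroy(ItemStore *s)
{
    free(s->regionAxes); free(s->dataItems);   /* free(NULL) is a no-op */
    memset(s, 0, sizeof(*s));
}

/* Pre-fix shape: counts land in the store before validation, so an early return lies. */
int load_store_before(ItemStore *s, const uint8_t *buf, size_t len)
{
    uint32_t i;
    memset(s, 0, sizeof(*s));
    if (len < 4) return -1;
    s->regionCount = read_u16(buf);
    s->dataCount   = read_u16(buf + 2);
    if (len < 4 + 2u * (s->regionCount + s->dataCount))
        return -1;                       /* store now claims entries it lacks */
    s->regionAxes = calloc(s->regionCount + 1, sizeof(uint32_t));  /* +1 avoids calloc(0) */
    s->dataItems  = calloc(s->dataCount + 1, sizeof(uint32_t));
    if (!s->regionAxes || !s->dataItems) return -1;
    for (i = 0; i < s->regionCount; i++)
        s->regionAxes[i] = read_u16(buf + 4 + 2 * i);
    for (i = 0; i < s->dataCount; i++)
        s->dataItems[i] = read_u16(buf + 4 + 2 * (s->regionCount + i));
    return 0;
}

/* Post-fix shape: counts stay in locals until the matching array exists. */
int load_store_after(ItemStore *s, const uint8_t *buf, size_t len)
{
    uint32_t regionCount, dataCount, i, *regionAxes, *dataItems;
    memset(s, 0, sizeof(*s));
    if (len < 4) return -1;
    regionCount = read_u16(buf);
    dataCount   = read_u16(buf + 2);
    if (len < 4 + 2u * (regionCount + dataCount))
        return -1;                       /* store is still all zero */
    regionAxes = calloc(regionCount + 1, sizeof(uint32_t));
    if (!regionAxes) return -1;
    for (i = 0; i < regionCount; i++)
        regionAxes[i] = read_u16(buf + 4 + 2 * i);
    s->regionAxes  = regionAxes;         /* publish array and count together */
    s->regionCount = regionCount;
    dataItems = calloc(dataCount + 1, sizeof(uint32_t));
    if (!dataItems) return -1;           /* region half is valid; destroy frees it */
    for (i = 0; i < dataCount; i++)
        dataItems[i] = read_u16(buf + 4 + 2 * (regionCount + i));
    s->dataItems = dataItems;
    s->dataCount = dataCount;
    return 0;
}

/* Constructed header claiming 5 regions and 2 items with no data behind it. */
int demo_truncated(int use_fixed_loader)
{
    static const uint8_t hdr[4] = { 0x00, 0x05, 0x00, 0x02 };
    ItemStore store;
    int rc = use_fixed_loader ? load_store_after(&store, hdr, 4) : load_store_before(&store, hdr, 4);
    int ok = rc != 0 && item_store_consistent(&store);   /* 1 only for the fixed loader */
    item_store_destroy(&store);
    return ok;
}

/* Constructed well-formed input: regions 10 and 20, one item 30. */
uint32_t demo_valid(void)
{
    static const uint8_t good[10] = { 0,2, 0,1, 0,10, 0,20, 0,30 };
    ItemStore store;
    uint32_t sum = load_store_after(&store, good, 10) == 0 ? item_store_sum(&store) : 0;
    item_store_destroy(&store);
    return sum;
}
```

The destroy routine survives the inconsistent store only because free(NULL) is harmless; any consumer that indexes by the count, like item_store_sum here, dereferences NULL on the "before" path. Storing each count in the same step as its array is what makes every return path, including a later allocation failure, leave the store in a state the destroy routine can clean up.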