fix crash in wordfree if we_offs is not initialized by the caller

I'm not sure if it's legal for wordexp to modify this field, but this
is the only easy/straightforward fix, and applications should not
care. if it's an issue, i can work out a different (but more complex)
solution later.

src/misc/wordexp.c

@@ -82,6 +82,8 @@ static int do_wordexp(const char *s, wordexp_t *we, int flags)
 		if (we->we_offs > SIZE_MAX/sizeof(void *)/4)
 			return WRDE_NOSPACE;
 		i += we->we_offs;
+	} else {
+		we->we_offs = 0;
 	}
 
 	if (pipe(p) < 0) return WRDE_NOSPACE;