diff --git a/ChangeLog b/ChangeLog
index 862e31e92..7409fb8b7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2017-01-23 Werner Lemberg
+
+ [truetype] Avoid segfault for invalid variation data.
+
+ * src/truetype/ttgxvar.c (ft_var_load_item_variation_store): Assure
+ `itemCount' is not zero.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=441
+
2017-01-20 Werner Lemberg + * src/truetype/ttinterp.c (TT_RunIns): Adjust loop detector limits.
diff --git a/src/truetype/ttgxvar.c b/src/truetype/ttgxvar.c
index 386c70fdf..8004206b0 100644
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -431,7 +431,8 @@
if ( format != 1 )
{
- FT_TRACE2(( "bad store format %d\n", format ));
+ FT_TRACE2(( "ft_var_load_item_variation_store: bad store format %d\n",
+ format ));
error = FT_THROW( Invalid_Table );
goto Exit;
}
@@ -441,6 +442,14 @@
FT_READ_USHORT( itemStore->dataCount ) )
goto Exit;
+ /* we need at least one entry in `itemStore->varData' */
+ if ( !itemStore->dataCount )
+ {
+ FT_TRACE2(( "ft_var_load_item_variation_store: missing varData\n" ));
+ error = FT_THROW( Invalid_Table );
+ goto Exit;
+ }
+
/* make temporary copy of item variation data offsets; */
/* we will parse region list first, then come back */
if ( FT_NEW_ARRAY( dataOffsetArray, itemStore->dataCount ) )
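Review bot: The new guard at `if ( !itemStore->dataCount )` only rules out an empty varData list; it does not bound the outer indices that later select an entry from it, so any index read from the font (e.g. via a delta-set index map) must still be compared against `itemStore->dataCount` before `varData[...]` is dereferenced — that check is not in this hunk and presumably lives further down the file. The comment `/* we need at least one entry in `itemStore->varData' */` states the requirement but not the reason; since the next line passes dataCount to `FT_NEW_ARRAY`, which for a zero count appears to return NULL without raising an error, I would say so explicitly, e.g. `/* reject dataCount == 0: FT_NEW_ARRAY with a zero count yields NULL without error, and later code assumes varData[0] exists */`. Note also that the ChangeLog entry says it assures `itemCount' is not zero while the code checks `itemStore->dataCount'; the two should agree. ft_var_load_item_variation_store starts and ends outside this hunk, so whether the error path leaves a partially filled itemStore that the caller frees safely cannot be confirmed from here.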