diff --git a/ChangeLog b/ChangeLog
index f9a60996f..c126f7f7e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2016-12-24 Werner Lemberg
+
+ * src/truetype/ttpload.c (tt_face_load_loca): Sanitize table length.
+
+ This trivial fix allows us to accept more fonts.
+
+ Problem reported by 張俊芝 <418092625@qq.com>.
+
 2016-12-24 Werner Lemberg
 
 * src/sfnt/sfobjs.c (sfnt_init_face): Fix tracing.
diff --git a/src/truetype/ttpload.c b/src/truetype/ttpload.c
index 0079ebd05..95ab47017 100644
--- a/src/truetype/ttpload.c
+++ b/src/truetype/ttpload.c
@@ -104,8 +104,7 @@
 if ( table_len >= 0x40000L )
 {
 FT_TRACE2(( "table too large\n" ));
- error = FT_THROW( Invalid_Table );
- goto Exit;
+ table_len = 0x3FFFFL;
 }
 face->num_locations = table_len >> shift;
 }
@@ -116,8 +115,7 @@
 if ( table_len >= 0x20000L )
 {
 FT_TRACE2(( "table too large\n" ));
- error = FT_THROW( Invalid_Table );
- goto Exit;
+ table_len = 0x1FFFFL;
 }
 face->num_locations = table_len >> shift;
 }
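Review bot: The clamp `table_len = 0x3FFFFL;` (and `table_len = 0x1FFFFL;` in the second hunk) leaves a byte length that is not a whole number of loca entries, assuming `shift` is 2 and 1 in these branches; the result is only right because `>> shift` drops the remainder and yields 0xFFFF locations. Clamping to the entry-aligned values `0x3FFFCL` and `0x1FFFEL`, with a comment such as `/* keep at most 0xFFFF entries; ignore the rest of the table */`, would state the intent and keep any later use of `table_len` as a byte count consistent with `num_locations`. The unchanged trace `"table too large\n"` now reads like a rejection although the font is accepted, so it should say that the table is being truncated. The function continues outside both hunks, so it is worth confirming that the code which reads the table and resolves glyph offsets bounds itself by the clamped `num_locations` rather than by the original length or a glyph count taken from another table.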