diff --git a/ChangeLog b/ChangeLog
index 666959760..91fa85c33 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2010-06-25 Werner Lemberg
+
+ Fix Savannah bug #30254.
+
+ * src/cff/cffload.c (cff_index_get_pointers): Do sanity check for
+ first offset also.
+
 2010-06-25 suzuki toshiya
 
 Initial fix for Savannah bug #30248 and #30249.
diff --git a/src/cff/cffload.c b/src/cff/cffload.c
index 111fb1ae9..e69bb8632 100644
--- a/src/cff/cffload.c
+++ b/src/cff/cffload.c
@@ -413,6 +413,15 @@
 /* at this point, `idx->offsets' can't be NULL */
 cur_offset = idx->offsets[0] - 1;
 
+ /* sanity check */
+ if ( cur_offset >= idx->data_size )
+ {
+ FT_TRACE0(( "cff_index_get_pointers:"
+ " invalid first offset value %d set to zero\n",
+ cur_offset ));
+ cur_offset = 0;
+ }
+
 if ( !pool )
 t[0] = org_bytes + cur_offset;
 else
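Review bot: The added FT_TRACE0 call prints cur_offset with `%d`, yet cur_offset is an offset compared against idx->data_size and its declaration is outside the hunk; if it is an unsigned long (FreeType's FT_ULong, which is what I would expect here, but confirm), the specifier does not match the argument and should read `" invalid first offset value %lu set to zero\n", (unsigned long)cur_offset ));`. The bounds check itself is the right guard: cur_offset comes from `idx->offsets[0] - 1`, so a first offset of 0 in a malformed font yields a wrapped or negative value that `>= idx->data_size` now rejects before t[0] is derived from it (assuming an unsigned cur_offset; with a signed type the comparison would promote and still reject, but that should be verified). Clamping to zero lets parsing continue on corrupt input rather than returning an error, which presumably mirrors the other sanity checks in this function, so a one-line comment making that intent explicit would help, e.g. `/* best-effort recovery: point t[0] at the data start instead of failing */`. cff_index_get_pointers starts and ends outside the hunk.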