diff --git a/ChangeLog b/ChangeLog
index 3ff78d69d..6294dfdac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2017-01-31  Werner Lemberg  <wl@gnu.org>
+
+	[truetype] Fix sanity check for `gvar' table (#50184).
+
+	* src/truetype/ttgxvar.c (ft_var_load_gvar): There might be missing
+	variation data for some glyphs.
+
 2017-01-31  Werner Lemberg  <wl@gnu.org>
 
 	[autofit] Avoid uninitialized jumps (#50191).
diff --git a/src/truetype/ttgxvar.c b/src/truetype/ttgxvar.c
index fec40d33f..0e34a2a23 100644
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -1379,10 +1379,9 @@
       goto Exit;
     }
 
-    /* rough sanity check: offsets can be either 2 or 4 bytes, */
-    /* and a single variation needs at least 4 bytes per glyph */
+    /* rough sanity check: offsets can be either 2 or 4 bytes */
     if ( (FT_ULong)gvar_head.glyphCount *
-           ( ( gvar_head.flags & 1 ) ? 8 : 6 ) > table_len )
+           ( ( gvar_head.flags & 1 ) ? 4 : 2 ) > table_len )
     {
       FT_TRACE1(( "ft_var_load_gvar: invalid number of glyphs\n" ));
       error = FT_THROW( Invalid_Table );