diff --git a/src/hb-ot-name-table.hh b/src/hb-ot-name-table.hh
index 6c75cc398..4eda46789 100644
--- a/src/hb-ot-name-table.hh
+++ b/src/hb-ot-name-table.hh
@@ -186,7 +186,7 @@ struct name
 auto snap = c->snapshot ();
 this->nameRecordZ.serialize (c, this->count);
- this->stringOffset = c->length ();
+ if (unlikely (!c->check_assign (this->stringOffset, c->length ()))) return_trace (false);
 c->revert (snap);
 const void *dst_string_pool = &(this + this->stringOffset);
diff --git a/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5077547978588160 b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5077547978588160
new file mode 100644
index 000000000..37bb00955
Binary files /dev/null and b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5077547978588160 differ
diff --git a/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5761434614497280 b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5761434614497280
new file mode 100644
index 000000000..0060ade57
Binary files /dev/null and b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5761434614497280 differ
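Review bot: The early return on the added `+` line sits between `c->snapshot ()` and `c->revert (snap)`, so on the overflow path the bytes that `this->nameRecordZ.serialize` just wrote are left in the buffer; if `check_assign` puts the context into an error state the caller presumably discards everything, but that is not visible in this hunk, and reverting unconditionally does not depend on it: `unsigned len = c->length (); c->revert (snap); if (unlikely (!c->check_assign (this->stringOffset, len))) return_trace (false);`. The check also deserves a one-line why-comment, because the next line derives a pointer from the field and a reader may otherwise "simplify" it back to a plain assignment: `// stringOffset is a 16-bit offset (Offset16 in the name table); fail rather than truncate, since dst_string_pool is computed from it`. The enclosing serialize function starts and ends outside the hunk, so whether any later code also assigns `stringOffset` unchecked cannot be confirmed here.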