diff --git a/src/hb-sanitize.hh b/src/hb-sanitize.hh
index 6f3db301f..5259891b7 100644
--- a/src/hb-sanitize.hh
+++ b/src/hb-sanitize.hh
@@ -229,11 +229,15 @@ struct hb_sanitize_context_t :
   unsigned get_edit_count () { return edit_count; }
 
 
-  bool check_ops(int count)
+  bool check_ops(unsigned count)
   {
-    // Manually decrements the ops counter. Used when the automatic op
-    // counting needs adjustment.
-    return (this->max_ops -= count) > 0;
+    /* Avoid underflow */
+    if (unlikely (this->max_ops < 0 || count >= (unsigned) this->max_ops))
+    {
+      this->max_ops = -1;
+      return false;
+    }
+    return (this->max_ops -= (int) count) > 0;
   }
 
   bool check_range (const void *base,