diff --git a/ChangeLog b/ChangeLog
index 9b42d0ff91..873e101c97 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2005-08-26  Jan Schmidt  <thaytan@mad.scientist.com>
+
+	* ext/ogg/gstoggdemux.c: (ogg_find_peek):
+	Another from MikeS:
+	During typefinding, don't support negative offsets
+	(offsets from the end of the stream) in our typefind->peek() function
+	- nothing embedded in ogg ever needs them. However, we need to recognise
+	those requests and reject them, otherwise we return invalid pointers.
+
 2005-08-26  Jan Schmidt  <thaytan@mad.scientist.com>
 
 	* ext/ogg/gstoggdemux.c: (gst_ogg_pad_dispose):
diff --git a/ext/ogg/gstoggdemux.c b/ext/ogg/gstoggdemux.c
index 40cf3d72b7..6e1a2b0fa6 100644
--- a/ext/ogg/gstoggdemux.c
+++ b/ext/ogg/gstoggdemux.c
@@ -2396,7 +2396,9 @@ ogg_find_peek (gpointer data, gint64 offset, guint size)
 {
   OggTypeFind *find = (OggTypeFind *) data;
 
-  if (offset + size <= find->packet->bytes) {
+  /* We don't support negative offset (from stream end); nothing embedded in ogg
+   * ever needs them */
+  if (offset >= 0 && offset + size <= find->packet->bytes) {
     return ((guint8 *) find->packet->packet) + offset;
   } else {
     return NULL;