diff --git a/ChangeLog b/ChangeLog
index 705262ecf..728b459d6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2012-01-25 Moritz Bunkus
+
+ * mkvmerge: bug fix: Fixed integer underflows in the read caching
+ code resulting in invalid memory access. Happened in broken or
+ incomplete files only. Fix for bug 709.
+
 2012-01-23 Moritz Bunkus
 
 * mkvmerge: bug fix: Appending AVI, Matroska or MPEG program
diff --git a/src/common/mm_read_buffer_io.cpp b/src/common/mm_read_buffer_io.cpp
index 47cbf097b..47c73f0d5 100644
--- a/src/common/mm_read_buffer_io.cpp
+++ b/src/common/mm_read_buffer_io.cpp
@@ -89,7 +89,7 @@ mm_read_buffer_io_c::setFilePointer(int64 offset,
 if (new_pos < 0)
 m_proxy_io->setFilePointer(offset, seek_end);
 else
- m_proxy_io->setFilePointer(new_pos, seek_beginning);
+ m_proxy_io->setFilePointer(std::min(new_pos, get_size()), seek_beginning);
 
 // Get the actual offset from the underlying stream
 // Better be safe than sorry and use this instead of just taking
diff --git a/tests/results.txt b/tests/results.txt
index 2726e6746..2a6543d9a 100644
--- a/tests/results.txt
+++ b/tests/results.txt
@@ -176,3 +176,4 @@ T_327vp8_frame_type:69725de2b6569734a3b1f955b4775e74:passed:20111207-233304:0.21
 T_328dts_detected_as_ac3:dfac59530d2d96ab9f41465fdc3931fd:passed:20111229-192324:0.053131334
 T_329X_timecodes_v2:dadc36ce79c1c4b281f8f1f865746598-049cdc2d9226fac8c61d193d803bfc1f-3720aac3f16b66ec3308ffa7bf913c6e-6469e2522a4b48b7b20bae93f5d9086d-1ff091abfcb0938d6ac7fd0495e899b3-049cdc2d9226fac8c61d193d803bfc1f-d172a9340cbf2802690479e396879d1e-bf76c5886cc7c18cc7e6ee796c3406b4-b3f9d126c31505c22f292a1d2bdffba2-4bd97467fac0ac0b561d68b8b15a79dd:passed:20120105-202451:2.051321822
 T_330dts_detection:38c941b579418e6c874950f4c55f84ce:passed:20120107-210130:1.22781858
+T_331read_buffer_underflow:3bdec07b9e45cafe2c35561e7f8ad2db:passed:20120125-232902:0.407400904
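Review bot: The clamp in the mm_read_buffer_io.cpp hunk covers only the `seek_beginning` call; the `new_pos < 0` branch still forwards `offset` unchecked through `m_proxy_io->setFilePointer(offset, seek_end)`, so if a positive `offset` can reach that branch the proxy may again be positioned past the end of a truncated file, which is the condition the ChangeLog entry ties to the underflow. Consider bounding it the same way, e.g. `m_proxy_io->setFilePointer(std::min<int64>(offset, 0), seek_end);`, or validating the subtraction in the caching code itself so the invariant does not depend on every seek site. The clamped line would also benefit from a comment such as `// Clamp to the file size: seeking past EOF on truncated files made the cache arithmetic underflow (bug 709)`. The body of setFilePointer starts and ends outside this hunk, so how `new_pos` is derived and where the underflowing arithmetic sits are not visible here.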
diff --git a/tests/test-331read_buffer_underflow.rb b/tests/test-331read_buffer_underflow.rb
new file mode 100644
index 000000000..c040938ca
--- /dev/null
+++ b/tests/test-331read_buffer_underflow.rb
@@ -0,0 +1,13 @@
+#!/usr/bin/ruby -w
+
+class T_331read_buffer_underflow < Test
+ def description
+ "mkvmerge / read buffer integer underflow on incomplete files"
+ end
+
+ def run
+ merge "data/mkv/underflow.mkv"
+ hash_tmp
+ end
+end
+
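Review bot: The `run` method checks only the hash of the merged output, which shows that mkvmerge produces a stable result for `data/mkv/underflow.mkv` but would not by itself notice an invalid memory access that happens not to crash or change the output. For a memory-safety regression it is worth also running this case under a memory checker (ASan or Valgrind) in CI. A leading comment such as `# Regression test for bug 709: incomplete file that used to underflow the read cache` would tie the sample file to the fix.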