diff --git a/vorbis.go b/vorbis.go
index 75a9349..54f6a20 100644
--- a/vorbis.go
+++ b/vorbis.go
@@ -29,6 +29,10 @@ func (m *metadataVorbis) readVorbisComment(r io.Reader) error {
 		return err
 	}
 
+	if vendorLen < 0 {
+		return fmt.Errorf("invalid encoding: expected positive length, got %d", vendorLen)
+	}
+
 	vendor, err := readString(r, vendorLen)
 	if err != nil {
 		return err