diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index 84589ff00..dcb7d63a0 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -1589,9 +1589,14 @@ static void PacketReceived(PacketCommandNG *packet) {
                 BigBuf_free();
             }
             uint16_t offset = MIN(BIGBUF_SIZE - PM3_CMD_DATA_SIZE - 3, payload->offset);
+            
+            // need to copy len bytes of data, not PM3_CMD_DATA_SIZE - 3 - offset
+            // ensure len bytes copied wont go past end of bigbuf
+            uint16_t len = MIN(BIGBUF_SIZE - offset,PM3_CMD_DATA_SIZE - 3);
 
             uint8_t *mem = BigBuf_get_addr();
-            memcpy(mem + offset, &payload->data, PM3_CMD_DATA_SIZE - 3 - offset);
+            memcpy(mem + offset, &payload->data, len);
+            // memcpy(mem + offset, &payload->data, PM3_CMD_DATA_SIZE - 3 - offset);
             reply_ng(CMD_LF_UPLOAD_SIM_SAMPLES, PM3_SUCCESS, NULL, 0);
             break;
         }