diff --git a/a8/websocketsession.cc b/a8/websocketsession.cc
index 5a98afd..14192f1 100644
--- a/a8/websocketsession.cc
+++ b/a8/websocketsession.cc
@@ -191,6 +191,9 @@ namespace a8
 
     void WebSocketSession::DecodeFrame(char* buf, int& offset, unsigned int buflen)
     {
+        if (offset + 2 < buflen) {
+            return;
+        }
         char* real_buf = buf + offset;
         unsigned int ava_len = buflen - offset;
         char header = real_buf[0];