diff --git a/server/wsproxy/kcpsession.cc b/server/wsproxy/kcpsession.cc
index 50126ba..fc41b91 100644
--- a/server/wsproxy/kcpsession.cc
+++ b/server/wsproxy/kcpsession.cc
@@ -85,10 +85,10 @@ void KcpSession::DecodeUserPacket(char* buf, int& offset, unsigned int buflen)
     //packagelen + msgid + magiccode + msgbody
     //2 + 2 + 4+ xx + \0 + xx
     bool warning = false;
-    while (buflen - offset >= sizeof(f8::PackHead)) {
-        f8::PackHead* p = (f8::PackHead*)&buf[offset];
+    while (buflen - offset >= sizeof(f8::PackHead) + GetSecretKeyLen()) {
+        f8::PackHead* p = (f8::PackHead*)&buf[offset + GetSecretKeyLen()];
         if (p->magic_code == f8::MAGIC_CODE) {
-            if (buflen - offset < sizeof(f8::PackHead) + p->packlen) {
+            if (buflen - offset < sizeof(f8::PackHead) + p->packlen + GetSecretKeyLen()) {
                 break;
             }
             //a8::XPrintf("Recv MsgId:%d\n", {p->msgid});
@@ -98,7 +98,7 @@ void KcpSession::DecodeUserPacket(char* buf, int& offset, unsigned int buflen)
                                           //saddr,
                                           p->msgid,
                                           p->seqid,
-                                          &buf[offset + sizeof(f8::PackHead)],
+                                          &buf[offset + sizeof(f8::PackHead) + GetSecretKeyLen()],
                                           p->packlen);
             offset += sizeof(f8::PackHead) + p->packlen;
         } else {