diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index e14319df9..2a185b394 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -1653,18 +1653,15 @@ static void PacketReceived(PacketCommandNG *packet) {
                 BigBuf_free();
             }
 
-            // 40 000 - (512-3) 509 = 39491
-            uint16_t offset = MIN(BIGBUF_SIZE - sizeof(payload->data), payload->offset);
+            // offset should not be over buffer
+            uint16_t offset = MIN(BIGBUF_SIZE - 1, payload->offset);
 
-            // need to copy len bytes of data, not PM3_CMD_DATA_SIZE - 3 - offset
             // ensure len bytes copied wont go past end of bigbuf
             uint16_t len = MIN(BIGBUF_SIZE - offset, sizeof(payload->data));
 
             uint8_t *mem = BigBuf_get_addr();
 
-            // x + 394
             memcpy(mem + offset, &payload->data, len);
-            // memcpy(mem + offset, &payload->data, PM3_CMD_DATA_SIZE - 3 - offset);
             reply_ng(CMD_LF_UPLOAD_SIM_SAMPLES, PM3_SUCCESS, NULL, 0);
             break;
         }