From c20c44526c7a6a41e40c4a5d115461545d2c24c0 Mon Sep 17 00:00:00 2001
From: v2ray <admin@v2ray.com>
Date: Tue, 3 May 2016 14:57:09 +0200
Subject: [PATCH] Fix buffer overrun in vmess

---
 proxy/vmess/io/reader.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/proxy/vmess/io/reader.go b/proxy/vmess/io/reader.go
index 0c42031e..5dab18ff 100644
--- a/proxy/vmess/io/reader.go
+++ b/proxy/vmess/io/reader.go
@@ -30,11 +30,10 @@ func (this *AuthChunkReader) Read() (*alloc.Buffer, error) {
 	if length <= 4 { // Length of authentication bytes.
 		return nil, io.EOF
 	}
-	if length > 8*1024 {
+	if length > 8*1024-16 {
 		buffer.Release()
 		buffer = alloc.NewLargeBuffer()
 	}
-	buffer.SliceBack(16)
 	if _, err := io.ReadFull(this.reader, buffer.Value[:length]); err != nil {
 		buffer.Release()
 		return nil, err