Index: firmware/App/Services/SystemCommMessages.c
===================================================================
diff -u -r02654dc5b372b3af948ebd28aabb95cc4b51c785 -rd7e69554ce0d291ec3f5576367792dd7810a01ea
--- firmware/App/Services/SystemCommMessages.c	(.../SystemCommMessages.c)	(revision 02654dc5b372b3af948ebd28aabb95cc4b51c785)
+++ firmware/App/Services/SystemCommMessages.c	(.../SystemCommMessages.c)	(revision d7e69554ce0d291ec3f5576367792dd7810a01ea)
@@ -3360,16 +3360,19 @@
     BOOL status = FALSE;
     U08* payloadPtr = message->payload;
 
-    memcpy(&currentMessage, payloadPtr, sizeof(U32));
-    payloadPtr += sizeof(U32);
+    if ( message->hdr.payloadLen >= ( sizeof(currentMessage) + sizeof(totalMessages) + sizeof(payloadLength) ) )
+    {
+        memcpy(&currentMessage, payloadPtr, sizeof(U32));
+        payloadPtr += sizeof(U32);
 
-    memcpy(&totalMessages, payloadPtr, sizeof(U32));
-    payloadPtr += sizeof(U32);
+        memcpy(&totalMessages, payloadPtr, sizeof(U32));
+        payloadPtr += sizeof(U32);
 
-    memcpy(&payloadLength, payloadPtr, sizeof(U32));
-    payloadPtr += sizeof(U32);
+        memcpy(&payloadLength, payloadPtr, sizeof(U32));
+        payloadPtr += sizeof(U32);
 
-    status = receiveRecordFromDialin( NVDATAMGMT_SW_CONFIG_RECORD, currentMessage, totalMessages, payloadLength, payloadPtr );
+        status = receiveRecordFromDialin( NVDATAMGMT_SW_CONFIG_RECORD, currentMessage, totalMessages, payloadLength, payloadPtr );
+    }
 
     // Respond to request
     sendTestAckResponseMsg( (MSG_ID_T)message->hdr.msgID, status );