diff --git a/encrypt.cpp b/encrypt.cpp
index dced67e..95cf7a0 100755
--- a/encrypt.cpp
+++ b/encrypt.cpp
@@ -340,6 +340,7 @@ int cipher_aes128cbc_encrypt(const char *data,char *output,int &len,char * key)
 int cipher_aes128cfb_encrypt(const char *data,char *output,int &len,char * key)
 {
 	static int first_time=1;
+	assert(len>=16);
 
 	char buf[buf_len];
 	memcpy(buf,data,len);//TODO inefficient code
@@ -392,17 +393,20 @@ int cipher_aes128cbc_decrypt(const char *data,char *output,int &len,char * key)
 int cipher_aes128cfb_decrypt(const char *data,char *output,int &len,char * key)
 {
 	static int first_time=1;
+	if(len<16) return -1;
+    
 	if(aes_key_optimize)
 	{
 		if(first_time==0) key=0;
 		else first_time=0;
 	}
-	char buf[buf_len];
-	memcpy(buf,data,len);//TODO inefficient code
 	
-	aes_ecb_decrypt(data,buf); //decrypt the first block
 	
-	AES_CFB_decrypt_buffer((unsigned char *)output,(unsigned char *)buf,len,(unsigned char *)key,(unsigned char *)zero_iv);
+	AES_CFB_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv);
+	
+	char buf[16];
+	memcpy(buf,output,16);
+	aes_ecb_decrypt(buf,output); //decrypt the first block
 	//if(de_padding(output,len,16)<0) return -1;
 	return 0;
 }