diff --git a/source/client/client.c b/source/client/client.c
index 3f96f63..e87623a 100644
--- a/source/client/client.c
+++ b/source/client/client.c
@@ -3626,7 +3626,7 @@ static void readline_callback(void)
 session keepalives and then drop them here.
 */
 if (FD_ISSET(cli->fd,&fds)) {
- if (!receive_smb(cli->fd,cli->inbuf,0)) {
+ if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) {
 DEBUG(0, ("Read from server failed, maybe it closed the "
 "connection\n"));
 return;
diff --git a/source/client/smbctool.c b/source/client/smbctool.c
index 2063418..a18505b 100644
--- a/source/client/smbctool.c
+++ b/source/client/smbctool.c
@@ -3304,7 +3304,7 @@ static void readline_callback(void)
 session keepalives and then drop them here.
 */
 if (FD_ISSET(cli->fd,&fds)) {
- receive_smb(cli->fd,cli->inbuf,0);
+ receive_smb(cli->fd,cli->inbuf,cli->bufsize,0);
 goto again;
 }
diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c
index 94c5e82..4715ca7 100644
--- a/source/lib/util_sock.c
+++ b/source/lib/util_sock.c
@@ -654,14 +654,13 @@ ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout)
 }
 /****************************************************************************
- Read an smb from a fd. Note that the buffer *MUST* be of size
- BUFFER_SIZE+SAFETY_MARGIN.
+ Read an smb from a fd.
 The timeout is in milliseconds.
 This function will return on receipt of a session keepalive packet.
 Doesn't check the MAC on signed packets.
 ****************************************************************************/
-BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
+BOOL receive_smb_raw(int fd, char *buffer, size_t buflen, unsigned int timeout)
 {
 ssize_t len,ret;
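Review bot: In the source/client/smbctool.c hunk the new-side call `receive_smb(cli->fd,cli->inbuf,cli->bufsize,0);` still discards the result and goes straight to `goto again`, while the matching call in source/client/client.c checks it and returns. receive_smb now returns False for any packet whose length exceeds `cli->bufsize`, so a rejected or failed read is silently retried here; whether that loop can spin on a dead or misbehaving peer depends on code outside the hunk. I would mirror client.c: `if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) { DEBUG(0, ("Read from server failed\n")); return; }`. readline_callback starts and ends outside the hunk.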
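Review bot: The header comment of receive_smb_raw in source/lib/util_sock.c drops the old sizing rule (`BUFFER_SIZE+SAFETY_MARGIN`) without saying what the new `buflen` argument means. Callers need to know whether it is the total capacity of `buffer` or the largest length field accepted, and whether it counts the 4-byte length header. The callers in this diff pass `cli->bufsize`, `BUFFER_SIZE` and `BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE`, which suggests the contract is not applied uniformly. Once the intended meaning is confirmed I would add a line such as `buflen is the largest SMB length accepted; buffer must hold buflen plus the 4-byte length header.` to this comment and to the one above receive_smb. The function body continues outside this hunk.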
@@ -682,25 +681,18 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
 return False;
 }
- /*
- * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes
- * of header. Don't print the error if this fits.... JRA.
- */
-
- if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) {
+ if (len > buflen) {
 DEBUG(0,("Invalid packet length! (%lu bytes).\n",(unsigned long)len));
- if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) {
- /*
- * Correct fix. smb_read_error may have already been
- * set. Only set it here if not already set. Global
- * variables still suck :-). JRA.
- */
+ /*
+ * smb_read_error may have already been
+ * set. Only set it here if not already set. Global
+ * variables still suck :-). JRA.
+ */
- if (smb_read_error == 0)
- smb_read_error = READ_ERROR;
- return False;
- }
+ if (smb_read_error == 0)
+ smb_read_error = READ_ERROR;
+ return False;
 }
 if(len > 0) {
@@ -730,9 +722,9 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
 Checks the MAC on signed packets.
 ****************************************************************************/
-BOOL receive_smb(int fd, char *buffer, unsigned int timeout)
+BOOL receive_smb(int fd, char *buffer, size_t buflen, unsigned int timeout)
 {
- if (!receive_smb_raw(fd, buffer, timeout)) {
+ if (!receive_smb_raw(fd, buffer, buflen, timeout)) {
 return False;
 }
diff --git a/source/libsmb/clientgen.c b/source/libsmb/clientgen.c
index c6cef08..7d7ab9e 100644
--- a/source/libsmb/clientgen.c
+++ b/source/libsmb/clientgen.c
@@ -44,8 +44,7 @@ int cli_set_port(struct cli_state *cli, int port)
 }
 /****************************************************************************
- Read an smb from a fd ignoring all keepalive packets. Note that the buffer
- *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN.
+ Read an smb from a fd ignoring all keepalive packets.
 The timeout is in milliseconds
 This is exactly the same as receive_smb except that it never returns
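Review bot: The new bound `if (len > buflen)` in receive_smb_raw (hunk at -682 of source/lib/util_sock.c) checks the length field alone against `buflen`, and it compares `ssize_t len` with `size_t buflen` without a cast. If the read inside `if(len > 0) {` (outside this hunk) stores the payload after the 4-byte length header that read_smb_length left in `buffer`, a packet with `len == buflen` fills `buflen + 4` bytes, which is only safe when every caller's buffer is larger than the value it passes. Either reserve the header in the check, `if (buflen < 4 || (size_t)len > buflen - 4) {`, or keep the comparison and state in the function comment that callers must pass capacity minus 4. The explicit cast also makes the signed/unsigned comparison deliberate. A negative `len` appears to be rejected by the `return False;` just above the hunk, which should be confirmed.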
@@ -54,12 +53,12 @@ int cli_set_port(struct cli_state *cli, int port)
 should never go into a blocking read.
 ****************************************************************************/
-static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
+static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout)
 {
 BOOL ret;
 for(;;) {
- ret = receive_smb_raw(fd, buffer, timeout);
+ ret = receive_smb_raw(fd, buffer, bufsize, timeout);
 if (!ret) {
 DEBUG(10,("client_receive_smb failed\n"));
@@ -88,7 +87,7 @@ BOOL cli_receive_smb(struct cli_state *cli)
 return False;
 again:
- ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout);
+ ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout);
 if (ret) {
 /* it might be an oplock break request */
diff --git a/source/smbd/process.c b/source/smbd/process.c
index 8dec719..3d31c29 100644
--- a/source/smbd/process.c
+++ b/source/smbd/process.c
@@ -521,7 +521,8 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout)
 goto again;
 }
- return receive_smb(smbd_server_fd(), buffer, 0);
+ return receive_smb(smbd_server_fd(), buffer,
+ BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE, 0);
 }
 /*
diff --git a/source/utils/smbfilter.c b/source/utils/smbfilter.c
index 97d2223..2152e53 100644
--- a/source/utils/smbfilter.c
+++ b/source/utils/smbfilter.c
@@ -140,7 +140,7 @@ static void filter_child(int c, struct in_addr dest_ip)
 if (num <= 0) continue;
 if (c != -1 && FD_ISSET(c, &fds)) {
- if (!receive_smb(c, packet, 0)) {
+ if (!receive_smb(c, packet, BUFFER_SIZE, 0)) {
 d_printf("client closed connection\n");
 exit(0);
 }
@@ -151,7 +151,7 @@ static void filter_child(int c, struct in_addr dest_ip)
 }
 }
 if (s != -1 && FD_ISSET(s, &fds)) {
- if (!receive_smb(s, packet, 0)) {
+ if (!receive_smb(s, packet, BUFFER_SIZE, 0)) {
 d_printf("server closed connection\n");
 exit(0);
 }
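Review bot: In the source/smbd/process.c hunk, receive_message_or_smb takes a `buffer_len` argument (visible in the hunk header) but the new call passes the constant `BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE` to receive_smb. That bound is only correct if every caller hands in a buffer at least that large plus room for the length header, which the hunk does not show. I would derive the limit from the argument, for example `MIN((size_t)buffer_len, BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)` after rejecting a negative `buffer_len`, so the size check and the real allocation cannot drift apart. The function starts outside the hunk.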
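Review bot: Both receive_smb calls in filter_child in source/utils/smbfilter.c (the hunk at -140 and the one at -151) pass the constant `BUFFER_SIZE` instead of a value taken from `packet`, whose declaration is outside the diff. The removed comment in util_sock.c required a buffer of BUFFER_SIZE+SAFETY_MARGIN, so if `packet` is an array of exactly BUFFER_SIZE bytes and the payload is stored after the 4-byte length header, a length field equal to BUFFER_SIZE would no longer fit. Tying the bound to the object, `receive_smb(c, packet, sizeof(packet) - 4, 0)` when `packet` is an array, keeps the check and the storage in step. Confirm the declaration of `packet` before choosing the expression.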