diff --git a/basilisk/basilisk_MSG.c b/basilisk/basilisk_MSG.c
index d4a2c0c54..25b2d7b36 100755
--- a/basilisk/basilisk_MSG.c
+++ b/basilisk/basilisk_MSG.c
@@ -288,8 +288,10 @@ HASH_ARRAY_STRING(basilisk,getmessage,hash,vals,hexstr)
 
 HASH_ARRAY_STRING(basilisk,sendmessage,hash,vals,hexstr)
 {
-    int32_t keylen,datalen; uint8_t key[BASILISK_KEYSIZE],space[16384],space2[16384],*data,*ptr = 0; char *retstr=0;
-    data = get_dataptr(BASILISK_HDROFFSET,&ptr,&datalen,&space[BASILISK_KEYSIZE],sizeof(space)-BASILISK_KEYSIZE,hexstr);
+    int32_t keylen,datalen,allocsize = 65536; uint8_t key[BASILISK_KEYSIZE],*space,*space2,*data,*ptr = 0; char *retstr=0;
+    space = calloc(1,allocsize);
+    space2 = calloc(1,allocsize);
+    data = get_dataptr(BASILISK_HDROFFSET,&ptr,&datalen,&space[BASILISK_KEYSIZE],allocsize-BASILISK_KEYSIZE,hexstr);
     if ( myinfo->subsock >= 0 || myinfo->dexsock >= 0 || (myinfo->IAMNOTARY != 0 && myinfo->NOTARY.RELAYID >= 0) )
     {
         keylen = basilisk_messagekey(key,juint(vals,"channel"),juint(vals,"msgid"),jbits256(vals,"srchash"),jbits256(vals,"desthash"));
@@ -297,17 +299,22 @@ HASH_ARRAY_STRING(basilisk,sendmessage,hash,vals,hexstr)
         {
             retstr = basilisk_respond_addmessage(myinfo,key,keylen,data,datalen,0,juint(vals,"duration"));
         } else printf("no get_dataptr\n");
-        if ( ptr != 0 )
-            free(ptr);
         if ( retstr != 0 )
             free(retstr);
     } //else printf("not notary.%d relayid.%d\n",myinfo->IAMNOTARY,myinfo->NOTARY.RELAYID);
     if ( vals != 0 && juint(vals,"fanout") == 0 )
         jaddnum(vals,"fanout",MAX(8,(int32_t)sqrt(myinfo->NOTARY.NUMRELAYS)+2));
-    memcpy(space2,key,BASILISK_KEYSIZE);
-    if ( data != 0 && datalen != 0 )
-        memcpy(&space2[BASILISK_KEYSIZE],data,datalen);
-    dex_reqsend(myinfo,"DEX",space2,datalen+BASILISK_KEYSIZE);
+    if ( BASILISK_KEYSIZE+datalen < allocsize )
+    {
+        memcpy(space2,key,BASILISK_KEYSIZE);
+        if ( data != 0 && datalen != 0 )
+            memcpy(&space2[BASILISK_KEYSIZE],data,datalen);
+        dex_reqsend(myinfo,"DEX",space2,datalen+BASILISK_KEYSIZE);
+    } else printf("sendmessage space too small error for %d\n",datalen);
+    free(space);
+    free(space2);
+    if ( ptr != 0 )
+        free(ptr);
     return(basilisk_standardservice("OUT",myinfo,0,jbits256(vals,"desthash"),vals,hexstr,0));
 }
 #include "../includes/iguana_apiundefs.h"