diff --git a/sesman/chansrv/clipboard.c b/sesman/chansrv/clipboard.c
index 67afbd49..d277d474 100644
--- a/sesman/chansrv/clipboard.c
+++ b/sesman/chansrv/clipboard.c
@@ -247,7 +247,7 @@ static int g_cliprdr_flags = CB_USE_LONG_FORMAT_NAMES |
 static int g_formatIds[16];
 static int g_num_formatIds = 0;
 
-static int g_file_format_id = 0;
+static int g_file_format_id = -1;
 
 /*****************************************************************************/
 /* this is one way to get the current time from the x server */
diff --git a/sesman/chansrv/clipboard_file.c b/sesman/chansrv/clipboard_file.c
index 54a7b46a..121d96a7 100644
--- a/sesman/chansrv/clipboard_file.c
+++ b/sesman/chansrv/clipboard_file.c
@@ -593,7 +593,17 @@ clipboard_c2s_in_files(struct stream *s, char *file_list)
     struct clip_file_desc *cfd;
     char *ptr;
 
+    if (!s_check_rem(s, 4))
+    {
+        LLOGLN(0, ("clipboard_c2s_in_files: parse error"));
+        return 1;
+    }
     in_uint32_le(s, cItems);
+    if (cItems > 64 * 1024) /* sanity check */
+    {
+        LLOGLN(0, ("clipboard_c2s_in_files: error cItems %d too big", cItems));
+        return 1;
+    }
     fuse_clear_clip_dir();
     LLOGLN(10, ("clipboard_c2s_in_files: cItems %d", cItems));
     cfd = (struct clip_file_desc *)