diff --git a/sys/man/9/parsecmd b/sys/man/9/parsecmd
index 84ed5feb2..6affda444 100644
--- a/sys/man/9/parsecmd
+++ b/sys/man/9/parsecmd
@@ -67,6 +67,14 @@ is allocated by
 .IR malloc (9)),
 and the caller is responsible for freeing it using
 .IR free .
+To prevent denial of service to the kernel,
+.I parsecmd
+will error out if
+.I n
+exceeds
+.B READSTR
+bytes.
+.PP
 .I Cmderror
 prepends the given format with the original command,
 then calls
diff --git a/sys/src/9/port/parse.c b/sys/src/9/port/parse.c
index 9d59b5672..20a6941ff 100644
--- a/sys/src/9/port/parse.c
+++ b/sys/src/9/port/parse.c
@@ -36,10 +36,13 @@ ncmdfield(char *p, int n)
 Cmdbuf*
 parsecmd(char *p, int n)
 {
-	Cmdbuf *volatile cb;
+	Cmdbuf *cb;
 	int nf;
 	char *sp;
 
+	if(up!=nil && (uint)n > READSTR)
+		error("control message too big");
+
 	nf = ncmdfield(p, n);
 
 	/* allocate Cmdbuf plus string pointers plus copy of string including \0 */