diff --git a/server/red_worker.c b/server/red_worker.c
index 0fc83608..9e776b91 100644
--- a/server/red_worker.c
+++ b/server/red_worker.c
@@ -11322,8 +11322,15 @@ static void dev_create_primary_surface(RedWorker *worker, uint32_t surface_id,
 spice_debug(NULL);
 spice_warn_if(surface_id != 0);
 spice_warn_if(surface.height == 0);
- spice_warn_if(((uint64_t)abs(surface.stride) * (uint64_t)surface.height) !=
- abs(surface.stride) * surface.height);
+
+ /* surface can arrive from guest unchecked so make sure
+ * guest is not a malicious one and drop invalid requests
+ */
+ if (!red_validate_surface(surface.width, surface.height,
+ surface.stride, surface.format)) {
+ spice_warning("wrong primary surface creation request");
+ return;
+ }
 line_0 = (uint8_t*)get_virt(&worker->mem_slots, surface.mem, surface.height * abs(surface.stride),
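Review bot: The size handed to get_virt() right after the new check is still computed as `surface.height * abs(surface.stride)` without widening, so the overflow that the removed spice_warn_if only reported is now prevented solely if red_validate_surface() bounds that product and rejects a stride whose abs() is not representable. The validator is defined outside this hunk. I would record that dependency in the new comment, for example `/* red_validate_surface() guarantees height * abs(stride) cannot overflow; the get_virt() size below relies on it */`, so a later change to the validator does not silently reopen a guest-controlled size. The retained `spice_warn_if(surface.height == 0)` also only logs, so it is worth confirming that the validator refuses a zero height too. The function starts and continues outside the hunk, so whether its callers can tell that the early `return` created no surface cannot be judged from these lines.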