diff --git a/lib/security.c b/lib/security.c
index 3a9642ae4d..7f6f3da0a1 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -101,6 +101,7 @@ static const struct Curl_sec_client_mech * const mechs[] = {
   NULL
 };
 
+/* TODO: This function isn't actually used anywhere and should be removed */
 int
 Curl_sec_getc(struct connectdata *conn, FILE *F)
 {
@@ -124,6 +125,7 @@ block_read(int fd, void *buf, size_t len)
     if(b == 0)
       return 0;
     else if(b < 0 && (errno == EINTR || errno == EAGAIN))
+      /* TODO: this will busy loop in the EAGAIN case */
       continue;
     else if(b < 0)
       return -1;
@@ -163,6 +165,8 @@ sec_get_data(struct connectdata *conn,
   else if(b < 0)
     return -1;
   len = ntohl(len);
+  /* TODO: This realloc will cause a memory leak in an out of memory
+   * condition */
   buf->data = realloc(buf->data, len);
   b = buf->data ? block_read(fd, buf->data, len) : -1;
   if(b == 0)
diff --git a/lib/sendf.c b/lib/sendf.c
index 7a8c3cad2d..4fe0b4806c 100644
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -630,13 +630,16 @@ int Curl_read(struct connectdata *conn, /* connection data */
       return -1;
 #endif
     if(nread < 0)
-      /* since it is negative and not EGAIN, it was a protocol-layer error */
+      /* since it is negative and not EAGAIN, it was a protocol-layer error */
       return CURLE_RECV_ERROR;
   }
   else {
     if(conn->sec_complete)
       nread = Curl_sec_read(conn, sockfd, buffertofill,
                             bytesfromsocket);
+    /* TODO: Need to handle EAGAIN here somehow, similar to how it
+     * is done in Curl_read_plain, either right here or in Curl_sec_read
+     * itself. */
     else {
       int ret = Curl_read_plain(sockfd, buffertofill, bytesfromsocket,
                                      &nread);