diff --git a/base/src/parcel.cpp b/base/src/parcel.cpp
index 64fcfc8963d39aca2b28d346993d842a496252c3..04e338de68d8e4e0e1a72b2a1a8ce5714631fe4d 100644
--- a/base/src/parcel.cpp
+++ b/base/src/parcel.cpp
@@ -1098,6 +1098,9 @@ const char *Parcel::ReadCString()
     const char* eos = reinterpret_cast<const char*>(memchr(cstr, 0, avail));
     if (eos != nullptr) {
         const size_t dataLength = eos - cstr;
+        if (ValidateReadData(dataLength + 1)) {
+            return nullptr;
+        }
         readCursor_ += (dataLength + 1);
         SkipBytes(GetPadSize(dataLength + 1));
         return cstr;
diff --git a/base/src/unicode_ex.cpp b/base/src/unicode_ex.cpp
index ff455be6a3cabc317b30aa4f09ccab57980e372a..79854cc440c588e408ae729ffbd99eab86479ecb 100644
--- a/base/src/unicode_ex.cpp
+++ b/base/src/unicode_ex.cpp
@@ -330,7 +330,7 @@ char16_t* Char8ToChar16(const char* str8, size_t str8Len)
 {
     char16_t* str16 = nullptr;
     int utf16Len = Utf8ToUtf16Length(str8, str8Len);
-    if (utf16Len < 0) {
+    if (utf16Len < 0 || utf16Len >= INT_MAX) {
         UTILS_LOGE("Get str16 length failed,length is: %{public}d", utf16Len);
         return nullptr;
     }