diff --git a/base/src/parcel.cpp b/base/src/parcel.cpp
index 64fcfc8963d39aca2b28d346993d842a496252c3..7fd2604bcc8d0bf1b42ba071d69fdb7d0b0b573b 100644
--- a/base/src/parcel.cpp
+++ b/base/src/parcel.cpp
@@ -1098,6 +1098,9 @@ const char *Parcel::ReadCString()
 const char* eos = reinterpret_cast(memchr(cstr, 0, avail));
 if (eos != nullptr) {
 const size_t dataLength = eos - cstr;
+ if (!ValidateReadData(dataLength + 1)) {
+ return nullptr;
+ }
 readCursor_ += (dataLength + 1);
 SkipBytes(GetPadSize(dataLength + 1));
 return cstr;
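Review bot: The new guard passes a bare length, `ValidateReadData(dataLength + 1)`, while the cursor it protects is advanced relative to `readCursor_`; the helper's contract is not visible in this hunk, so please confirm whether it expects a length or an end offset. If it expects an end offset, the call should be `if (!ValidateReadData(readCursor_ + dataLength + 1)) {`, otherwise the check validates a range near the start of the buffer instead of the string being returned. The check also runs after `memchr` has already scanned `avail` bytes and does not cover the padding skipped by `SkipBytes(GetPadSize(dataLength + 1))`, so a one-line comment stating what the validation is meant to guarantee would help. The body of `ReadCString` starts and ends outside the hunk.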