diff --git a/hapsigntool_cpp/api/src/cert_tools.cpp b/hapsigntool_cpp/api/src/cert_tools.cpp
index e6f6186d1e8f55158ea52ed64509109e3e1a63e6..e634a2e15fd0d97b8d381e37466f64ef2a13b295 100644
--- a/hapsigntool_cpp/api/src/cert_tools.cpp
+++ b/hapsigntool_cpp/api/src/cert_tools.cpp
@@ -335,14 +335,11 @@ X509* CertTools::GenerateSubCert(EVP_PKEY* keyPair, X509_REQ* rootcsr, Options*
             SIGNATURE_TOOLS_LOGE("failed to generate the subCert");
             break;
         }
-        EVP_PKEY_free(subKey);
-        X509_REQ_free(subcsr);
-        return subCert;
     } while (0);
 
     EVP_PKEY_free(subKey);
     X509_REQ_free(subcsr);
-    return nullptr;
+    return subCert;
 }
 
 bool CertTools::SetKeyUsage(X509* cert, Options* options)
@@ -458,6 +455,7 @@ X509* CertTools::GenerateCert(EVP_PKEY* keyPair, X509_REQ* certReq, Options* opt
     X509* cert = X509_new();
     if (cert == nullptr) {
         SIGNATURE_TOOLS_LOGE("failed to create X509 cert");
+        X509_REQ_free(issuercsr);
         return nullptr;
     }
     do {
@@ -503,7 +501,7 @@ X509_REQ* CertTools::GenerateCsr(EVP_PKEY* evpPkey, std::string signAlgorithm, s
         }
 
         name = BuildDN(subject, req);
-        if (!name) {
+        if (name == nullptr) {
             SIGNATURE_TOOLS_LOGE("failed to add subject into cert");
             break;
         }
diff --git a/hapsigntool_cpp/api/src/sign_tool_service_impl.cpp b/hapsigntool_cpp/api/src/sign_tool_service_impl.cpp
index c595576b76310e8ef5f345a5c8603c50c2441c63..c2338ffa76139ed74713e2ab3146599deb36325e 100644
--- a/hapsigntool_cpp/api/src/sign_tool_service_impl.cpp
+++ b/hapsigntool_cpp/api/src/sign_tool_service_impl.cpp
@@ -77,30 +77,32 @@ bool SignToolServiceImpl::GenerateRootCertToFile(Options* options, EVP_PKEY* roo
     std::string subject = options->GetString(Options::SUBJECT);
     X509* certPtr = nullptr;
     X509_REQ* csr = nullptr;
+    bool result = false;
     do {
         csr = CertTools::GenerateCsr(rootKey, signAlg, subject);
-        if (!csr) {
+        if (csr == nullptr) {
+            SIGNATURE_TOOLS_LOGE("generate root cert failed because csr is nullptr!");
             break;
         }
         certPtr = CertTools::GenerateRootCertificate(rootKey, csr, options);
-        if (!certPtr) {
+        if (certPtr == nullptr) {
+            SIGNATURE_TOOLS_LOGE("generate root cert failed because certPtr is nullptr!");
             break;
         }
         if (!X509CertVerify(certPtr, rootKey)) {
+            SIGNATURE_TOOLS_LOGE("generate root cert failed because verify failed!");
             break;
         }
         if (!OutputModeOfCert(certPtr, options)) {
+            SIGNATURE_TOOLS_LOGE("generate root cert failed because output failed!");
             break;
         }
-        X509_free(certPtr);
-        X509_REQ_free(csr);
-        return true;
+        result = true;
     } while (0);
 
-    SIGNATURE_TOOLS_LOGE("generate root cert failed!");
     X509_free(certPtr);
     X509_REQ_free(csr);
-    return false;
+    return result;
 }
 
 bool SignToolServiceImpl::GenerateSubCertToFile(Options* options, EVP_PKEY* rootKey)
@@ -113,33 +115,32 @@ bool SignToolServiceImpl::GenerateSubCertToFile(Options* options, EVP_PKEY* root
     std::string issuer = options->GetString(Options::ISSUER);
     X509* cert = nullptr;
     X509_REQ* csr = nullptr;
+    bool result = false;
     do {
-        if (rootKey == nullptr) {
-            break;
-        }
         csr = CertTools::GenerateCsr(rootKey, signAlg, issuer);
-        if (!csr) {
+        if (csr == nullptr) {
+            SIGNATURE_TOOLS_LOGE("generate sub cert failed because csr is nullptr!");
             break;
         }
         cert = CertTools::GenerateSubCert(rootKey, csr, options);
-        if (!cert) {
+        if (cert == nullptr) {
+            SIGNATURE_TOOLS_LOGE("generate sub cert failed because cert is nullptr!");
             break;
         }
         if (!X509CertVerify(cert, rootKey)) {
+            SIGNATURE_TOOLS_LOGE("generate sub cert failed because verify failed!");
             break;
         }
         if (!OutputModeOfCert(cert, options)) {
+            SIGNATURE_TOOLS_LOGE("generate sub cert failed because output failed!");
             break;
         }
-        X509_free(cert);
-        X509_REQ_free(csr);
-        return true;
+        result = true;
     } while (0);
 
     X509_free(cert);
     X509_REQ_free(csr);
-    SIGNATURE_TOOLS_LOGE("generate sub cert failed!");
-    return false;
+    return result;
 }
 
 int SignToolServiceImpl::HandleIssuerKeyAliasEmpty(Options* options)
diff --git a/hapsigntool_cpp/common/src/byte_buffer.cpp b/hapsigntool_cpp/common/src/byte_buffer.cpp
index 8e4bb06105c620ca03318a50b5f99732427c11c8..f8a9ae5a540f3f151d8cb8505a53a0258ddab4a1 100644
--- a/hapsigntool_cpp/common/src/byte_buffer.cpp
+++ b/hapsigntool_cpp/common/src/byte_buffer.cpp
@@ -23,7 +23,7 @@ namespace SignatureTools {
 
 const int32_t ByteBuffer::MAX_PRINT_LENGTH = 200;
 const int32_t ByteBuffer::HEX_PRINT_LENGTH = 3;
-const int32_t MAX_MEMORY = 2 * 1024 * 1024 * 1024;
+const int64_t MAX_MEMORY = 2L * 1024L * 1024L * 1024L;
 
 template<typename T>
 std::shared_ptr<T> make_shared_array(size_t size)