diff --git a/include/context_tool.h b/include/context_tool.h
index b8b437a10dd008ae47bf33696c52a6ba54eedc10..2160be70ea3e5d1dda9aec119df9c51e5dcc7eb5 100644
--- a/include/context_tool.h
+++ b/include/context_tool.h
@@ -40,6 +40,7 @@ typedef struct RequiredProductCompatibilityIDHead {
 
 void FreeContextBuffer(char *contextBuffer);
 int32_t GetFileContext(const char *inputFile, char **contextBufPtr, uint32_t *bufferLen);
+int32_t CheckFileAndGetFileContext(const char *inputFile, char **contextBufPtr, uint32_t *bufferLen);
 int32_t ConvertedContextSaveAsFile(char *outDirPath, const char *filename, char *convertedBuffer, size_t contextBufLen);
 int32_t CheckRpcidFormat(const char *inputFile, char **buffer, uint32_t *len);
 cJSON *CreateWholeSyscapJsonObj(void);
diff --git a/interfaces/inner_api/syscap_interface.c b/interfaces/inner_api/syscap_interface.c
index 0580c69396f0b19915b1e2a3e9a1bc147407d14b..7a8442e6a81996a3f73539a71e057588193ed894 100644
--- a/interfaces/inner_api/syscap_interface.c
+++ b/interfaces/inner_api/syscap_interface.c
@@ -625,6 +625,12 @@ static int32_t ComparePcidWithPriSyscap(struct PcidPriSyscapInfo pcidPriSyscapIn
                 free(temp);
                 return -1;
             }
+            if (pcidPriSyscapInfo.ossyscapFlag + prisyscapFlag >= MAX_MISS_SYSCAP) {
+                FreeCompareError(result);
+                PRINT_ERR("array index out of bounds.\n");
+                free(temp);
+                return -1;
+            }
             result->syscap[pcidPriSyscapInfo.ossyscapFlag + prisyscapFlag] = temp;
             ++prisyscapFlag;
         }
diff --git a/src/context_tool.c b/src/context_tool.c
index ea5359fdecfe6b2495939377eb64a1fd891a9bdd..e75f85399b20b05250bf51c1d9393374b4c55529 100644
--- a/src/context_tool.c
+++ b/src/context_tool.c
@@ -92,6 +92,19 @@ int32_t GetFileContext(const char *inputFile, char **contextBufPtr, uint32_t *bu
     return 0;
 }
 
+int32_t CheckFileAndGetFileContext(const char *inputFile, char **contextBufPtr, uint32_t *bufferLen)
+{
+    if (inputFile == NULL) {
+        PRINT_ERR("input file is NULL.\n");
+        return -1;
+    }
+    uint32_t ret = GetFileContext(inputFile, contextBufPtr, bufferLen);
+    if (ret != 0) {
+        PRINT_ERR("GetFileContext failed, input file : %s\n", inputFile);
+    }
+    return ret;
+}
+
 int32_t ConvertedContextSaveAsFile(char *outDirPath, const char *filename, char *convertedBuffer, size_t contextBufLen)
 {
     int32_t ret;
diff --git a/src/create_pcid.c b/src/create_pcid.c
index 7b99567c88c051562a78bb83617d749a784a8731..5a8a32713752f8db067996ee62781ffc5ea85321 100644
--- a/src/create_pcid.c
+++ b/src/create_pcid.c
@@ -249,11 +249,10 @@ int32_t CreatePCID(char *inputFile, char *outDirPath)
     uint32_t privateCapSize, osCapSize;
     uint32_t contextBufLen;
     char *contextBuffer = NULL;
-    cJSON *allOsSyscapObj = CreateWholeSyscapJsonObj();
 
-    int32_t ret = GetFileContext(inputFile, &contextBuffer, (uint32_t *)&contextBufLen);
+    cJSON *allOsSyscapObj = CreateWholeSyscapJsonObj();
+    int32_t ret = CheckFileAndGetFileContext(inputFile, &contextBuffer, (uint32_t *)&contextBufLen);
     if (ret != 0) {
-        PRINT_ERR("GetFileContext failed, input file : %s\n", inputFile);
         return FreeAfterCreatePCID(NULL, allOsSyscapObj, contextBuffer, 0, -1);
     }
 
@@ -481,10 +480,9 @@ int32_t DecodePCID(char *inputFile, char *outDirPath)
     freePcidJsonInfo.jsonRootObj = NULL;
     freePcidJsonInfo.sysCapObj = NULL;
     freePcidJsonInfo.flag = 0;
-
-    ret = GetFileContext(inputFile, &freePcidJsonInfo.contextBuffer, (uint32_t *)&contextBufLen);
+	
+    ret = CheckFileAndGetFileContext(inputFile, &freePcidJsonInfo.contextBuffer, (uint32_t *)&contextBufLen);
     if (ret != 0) {
-        PRINT_ERR("GetFileContext failed, input file : %s\n", inputFile);
         return -1;
     }
 
@@ -693,6 +691,10 @@ static int32_t AddPriSyscapToJsonObj(char *priSyscapString, uint32_t priSyscapSt
 
 static int32_t GetSyscapStr(char *input, char const *priSyscapStr, uint32_t* osSyscap, uint32_t *pcidHeader)
 {
+    if (input == NULL) {
+        PRINT_ERR("inputFile is null.\n");
+        return -1;
+    }
     char *ctx = NULL;
     uint32_t fileContextLen;
     if (GetFileContext(input, &ctx, (uint32_t *)&fileContextLen) != 0) {
@@ -715,6 +717,7 @@ int32_t DecodeStringPCIDToJson(char *input, char *outDirPath)
     uint32_t pcidHeader[PCID_HEADER];
     char *priSyscapStr = NULL;
     char *jsonBuffer = NULL;
+
     ret = GetSyscapStr(input, priSyscapStr, osSyscap, pcidHeader);
     if (ret == -1) {
         return ret;
@@ -872,9 +875,8 @@ int32_t EncodePcidscToString(char *inputFile, char *outDirPath)
     freePcidInfo.outDirPathFinal = outDirPath;
     PCIDMain *pcidMain = NULL;
 
-    ret = GetFileContext(inputFile, &freePcidInfo.contextBuffer, (uint32_t *)&bufferLen);
+    ret = CheckFileAndGetFileContext(inputFile, &freePcidInfo.contextBuffer, (uint32_t *)&bufferLen);
     if (ret != 0) {
-        PRINT_ERR("Get pcid file failed, pcid file path: %s\n", inputFile);
         return -1;
     }
 
diff --git a/src/syscap_tool.c b/src/syscap_tool.c
index 4ff330ad0b2160799bc13b8731d2d60cfdb4e8e4..d58259b464d07d5c7b08fe06db8d4528ffdb46b2 100644
--- a/src/syscap_tool.c
+++ b/src/syscap_tool.c
@@ -150,8 +150,7 @@ int32_t RPCIDEncode(char *inputFile, char *outputPath)
     gJsonObjectSysCap.cjsonObjectRoot = NULL;
     gJsonObjectSysCap.sysCapPtr = NULL;
 
-    if (GetFileContext(inputFile, &contextBuffer, &bufferLen) != 0) {
-        PRINT_ERR("GetFileContext failed, input file : %s\n", inputFile);
+    if (CheckFileAndGetFileContext(inputFile, &contextBuffer, &bufferLen) != 0) {
         return -1;
     }
 
@@ -262,6 +261,11 @@ int32_t RPCIDDecode(char *inputFile, char *outputPath)
     char *convertedBuffer = NULL;
     uint32_t bufferLen;
 
+    if (inputFile == NULL) {
+        PRINT_ERR("inputFile is null.\n");
+        return -1;
+    }
+
     // check rpcid.sc
     if (CheckRpcidFormat(inputFile, &contextBuffer, &bufferLen)) {
         PRINT_ERR("Check rpcid.sc format failed. Input failed: %s\n", inputFile);
@@ -480,6 +484,11 @@ int32_t EncodeRpcidscToString(char *inputFile, char *outDirPath)
     freeAfterEncodeRpcidscInfo.type = 0;
     freeAfterEncodeRpcidscInfo.flag = 0;
 
+    if (inputFile == NULL) {
+        PRINT_ERR("inputFile is null.\n");
+        return -1;
+    }
+
     // check rpcid.sc
     if (CheckRpcidFormat(inputFile, &freeAfterEncodeRpcidscInfo.contextBuffer, &bufferLen) != 0) {
         PRINT_ERR("Check rpcid.sc format failed. Input file: %s\n", inputFile);
@@ -699,6 +708,11 @@ int32_t ComparePcidWithRpcidString(char *pcidFile, char *rpcidFile, uint32_t typ
     uint32_t pcidOsArray[PCID_OUT_BUFFER] = {0};
     uint32_t rpcidOsAarry[PCID_OUT_BUFFER] = {0};
 
+    if (pcidFile == NULL || rpcidFile == NULL) {
+        PRINT_ERR("pcidFile or rpcidFile is null.\n");
+        return -1;
+    }
+
     if (type == TYPE_FILE) {
         if (GetFileContext(pcidFile, &pcidContent, &pcidContentLen)) {
             PRINT_ERR("Get pcid file context failed, input file : %s\n", pcidFile);