diff --git a/interfaces/inner_kits/native_cpp/camera_source/include/callback/dcamera_source_callback_stub.h b/interfaces/inner_kits/native_cpp/camera_source/include/callback/dcamera_source_callback_stub.h
index 08e85f91e8b2eaa70a03f4fd5a5f4b1a5ea9fffd..40ecb773b300098e5e0f791980a31d000f67f20b 100644
--- a/interfaces/inner_kits/native_cpp/camera_source/include/callback/dcamera_source_callback_stub.h
+++ b/interfaces/inner_kits/native_cpp/camera_source/include/callback/dcamera_source_callback_stub.h
@@ -36,9 +36,13 @@ public:
 private:
     int32_t NotifyRegResultInner(MessageParcel &data, MessageParcel &reply);
     int32_t NotifyUnregResultInner(MessageParcel &data, MessageParcel &reply);
+    bool CheckParams(const std::string& devId, const std::string& dhId, const std::string& reqId,
+        const std::string& result);
 
     using DCameraFunc = int32_t (DCameraSourceCallbackStub::*)(MessageParcel &data, MessageParcel &reply);
     std::map<uint32_t, DCameraFunc> memberFuncMap_;
+    const size_t PARAM_MAX_SIZE = 50 * 1024 * 1024;
+    const size_t DID_MAX_SIZE = 256;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/interfaces/inner_kits/native_cpp/camera_source/include/distributed_camera_source_proxy.h b/interfaces/inner_kits/native_cpp/camera_source/include/distributed_camera_source_proxy.h
index f08f2764394b66853dd270516d3ff783669fc60e..356735e031cf24d333d00a76d4fa8814a010b97f 100644
--- a/interfaces/inner_kits/native_cpp/camera_source/include/distributed_camera_source_proxy.h
+++ b/interfaces/inner_kits/native_cpp/camera_source/include/distributed_camera_source_proxy.h
@@ -43,7 +43,14 @@ public:
     int32_t DCameraNotify(const std::string& devId, const std::string& dhId, std::string& events) override;
 
 private:
+    bool CheckRegParams(const std::string& devId, const std::string& dhId,
+        const std::string& reqId, const EnableParam& param);
+    bool CheckUnregParams(const std::string& devId, const std::string& dhId, const std::string& reqId);
+    bool CheckNotifyParams(const std::string& devId, const std::string& dhId, std::string& events);
+
     static inline BrokerDelegator<DistributedCameraSourceProxy> delegator_;
+    const size_t PARAM_MAX_SIZE = 50 * 1024 * 1024;
+    const size_t DID_MAX_SIZE = 256;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/interfaces/inner_kits/native_cpp/camera_source/src/callback/dcamera_source_callback_stub.cpp b/interfaces/inner_kits/native_cpp/camera_source/src/callback/dcamera_source_callback_stub.cpp
index 29ffc0ebcf51560b4f2c015bee10bb3f1efbf285..ab6cfa713755ba929257ca3543648e138e695629 100644
--- a/interfaces/inner_kits/native_cpp/camera_source/src/callback/dcamera_source_callback_stub.cpp
+++ b/interfaces/inner_kits/native_cpp/camera_source/src/callback/dcamera_source_callback_stub.cpp
@@ -61,6 +61,11 @@ int32_t DCameraSourceCallbackStub::NotifyRegResultInner(MessageParcel &data, Mes
         std::string reqId = data.ReadString();
         int32_t status = data.ReadInt32();
         std::string result = data.ReadString();
+        if (!CheckParams(devId, dhId, reqId, result)) {
+            DHLOGE("DCameraSourceCallbackStub NotifyRegResultInner input is invalid");
+            ret = DCAMERA_BAD_VALUE;
+            break;
+        }
         ret = OnNotifyRegResult(devId, dhId, reqId, status, result);
     } while (0);
     reply.WriteInt32(ret);
@@ -77,10 +82,30 @@ int32_t DCameraSourceCallbackStub::NotifyUnregResultInner(MessageParcel &data, M
         std::string reqId = data.ReadString();
         int32_t status = data.ReadInt32();
         std::string result = data.ReadString();
+        if (!CheckParams(devId, dhId, reqId, result)) {
+            DHLOGE("DCameraSourceCallbackStub NotifyUnregResultInner input is invalid");
+            ret = DCAMERA_BAD_VALUE;
+            break;
+        }
         ret = OnNotifyUnregResult(devId, dhId, reqId, status, result);
     } while (0);
     reply.WriteInt32(ret);
     return DCAMERA_OK;
 }
+
+bool DCameraSourceCallbackStub::CheckParams(const std::string& devId, const std::string& dhId, const std::string& reqId,
+    const std::string& result)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DCameraSourceCallbackStub CheckParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (reqId.empty() || reqId.size() > DID_MAX_SIZE || result.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraSourceCallbackStub CheckParams reqId or result is invalid");
+        return false;
+    }
+    return true;
+}
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/interfaces/inner_kits/native_cpp/camera_source/src/distributed_camera_source_proxy.cpp b/interfaces/inner_kits/native_cpp/camera_source/src/distributed_camera_source_proxy.cpp
index 735fad7ed78980c625f58228d25744f75c19c531..9d284821ba77491691e3c05dd51dc9f5d1e0b70f 100644
--- a/interfaces/inner_kits/native_cpp/camera_source/src/distributed_camera_source_proxy.cpp
+++ b/interfaces/inner_kits/native_cpp/camera_source/src/distributed_camera_source_proxy.cpp
@@ -28,6 +28,10 @@ int32_t DistributedCameraSourceProxy::InitSource(const std::string& params,
     const sptr<IDCameraSourceCallback>& callback)
 {
     DHLOGI("DistributedCameraSourceProxy InitSource");
+    if (params.empty() || params.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy InitSource params is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     sptr<IRemoteObject> remote = Remote();
     if (remote == nullptr) {
         DHLOGE("DistributedCameraSourceProxy remote service null");
@@ -81,6 +85,10 @@ int32_t DistributedCameraSourceProxy::RegisterDistributedHardware(const std::str
 {
     DHLOGI("DistributedCameraSourceProxy RegisterDistributedHardware devId: %s dhId: %s",
         GetAnonyString(devId).c_str(), GetAnonyString(dhId).c_str());
+    if (!CheckRegParams(devId, dhId, reqId, param)) {
+        DHLOGE("DistributedCameraSourceProxy RegisterDistributedHardware input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     sptr<IRemoteObject> remote = Remote();
     if (remote == nullptr) {
         DHLOGE("DistributedCameraSourceProxy remote service null");
@@ -104,11 +112,36 @@ int32_t DistributedCameraSourceProxy::RegisterDistributedHardware(const std::str
     return result;
 }
 
+bool DistributedCameraSourceProxy::CheckRegParams(const std::string& devId, const std::string& dhId,
+    const std::string& reqId, const EnableParam& param)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckRegParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (reqId.empty() || reqId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckRegParams reqId is invalid");
+        return false;
+    }
+
+    if (param.version.empty() || param.version.size() > PARAM_MAX_SIZE ||
+        param.attrs.empty() || param.attrs.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckRegParams param is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DistributedCameraSourceProxy::UnregisterDistributedHardware(const std::string& devId, const std::string& dhId,
     const std::string& reqId)
 {
     DHLOGI("DistributedCameraSourceProxy UnregisterDistributedHardware devId: %s dhId: %s",
         GetAnonyString(devId).c_str(), GetAnonyString(dhId).c_str());
+    if (!CheckUnregParams(devId, dhId, reqId)) {
+        DHLOGE("DistributedCameraSourceProxy UnregisterDistributedHardware input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     sptr<IRemoteObject> remote = Remote();
     if (remote == nullptr) {
         DHLOGE("DistributedCameraSourceProxy remote service null");
@@ -131,11 +164,30 @@ int32_t DistributedCameraSourceProxy::UnregisterDistributedHardware(const std::s
     return result;
 }
 
+bool DistributedCameraSourceProxy::CheckUnregParams(const std::string& devId, const std::string& dhId,
+    const std::string& reqId)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckUnregParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (reqId.empty() || reqId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckUnregParams reqId is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DistributedCameraSourceProxy::DCameraNotify(const std::string& devId, const std::string& dhId,
     std::string& events)
 {
     DHLOGI("DCameraNotify devId: %s dhId: %s events: %s",
         GetAnonyString(devId).c_str(), GetAnonyString(dhId).c_str(), events.c_str());
+    if (!CheckNotifyParams(devId, dhId, events)) {
+        DHLOGE("DistributedCameraSourceProxy DCameraNotify input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     sptr<IRemoteObject> remote = Remote();
     if (remote == nullptr) {
         DHLOGE("DistributedCameraSourceProxy remote service null");
@@ -157,5 +209,20 @@ int32_t DistributedCameraSourceProxy::DCameraNotify(const std::string& devId, co
     int32_t result = reply.ReadInt32();
     return result;
 }
+
+bool DistributedCameraSourceProxy::CheckNotifyParams(const std::string& devId, const std::string& dhId,
+    std::string& events)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckNotifyParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (events.empty() || events.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceProxy CheckNotifyParams events is invalid");
+        return false;
+    }
+    return true;
+}
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/cameraoperator/client/src/dcamera_client.cpp b/services/cameraservice/cameraoperator/client/src/dcamera_client.cpp
index bd8b44adeabb90cd0bdedfdb17a6ea328f216743..84f94373196c7ed65c9c8cc5e206161055e39589 100644
--- a/services/cameraservice/cameraoperator/client/src/dcamera_client.cpp
+++ b/services/cameraservice/cameraoperator/client/src/dcamera_client.cpp
@@ -564,9 +564,8 @@ void DCameraClient::SetPhotoCaptureLocation(const std::shared_ptr<Camera::Camera
         location->longitude = item.data.d[longitudeIndex];
         location->altitude = item.data.d[altitudeIndex];
         photoCaptureSetting->SetLocation(location);
-        DHLOGI("DCameraClient::SetPhotoCaptureLocation %s photo capture settings set %d location: " +
-            "latitude=%f, longitude=%f, altitude=%f", GetAnonyString(cameraId_).c_str(), item.count,
-            item.data.d[latitudeIndex], item.data.d[longitudeIndex], item.data.d[altitudeIndex]);
+        DHLOGI("DCameraClient::SetPhotoCaptureLocation %s photo capture settings set %d location success" , 
+            GetAnonyString(cameraId_).c_str(), item.count);
     }
 }
 
diff --git a/services/cameraservice/sinkservice/include/distributedcamera/distributed_camera_sink_service.h b/services/cameraservice/sinkservice/include/distributedcamera/distributed_camera_sink_service.h
index 40f5d4db88a0965d6bf7dd48fbae47912c2a6432..2222c4fcd4480a0a917797db7b50d6574421fde2 100644
--- a/services/cameraservice/sinkservice/include/distributedcamera/distributed_camera_sink_service.h
+++ b/services/cameraservice/sinkservice/include/distributedcamera/distributed_camera_sink_service.h
@@ -59,6 +59,7 @@ private:
     std::string sinkVer_;
     std::map<std::string, std::shared_ptr<DCameraSinkDev>> camerasMap_;
     static DistributedCameraSinkService* dcSinkService;
+    const size_t DUMP_MAX_SIZE = 10 * 1024;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sinkservice/src/distributedcamera/dcamera_sink_hidumper.cpp b/services/cameraservice/sinkservice/src/distributedcamera/dcamera_sink_hidumper.cpp
index 06b08a54734cc241ba66e36511f941fe4cc9998f..4ab389129705ba43da1a00cad37307163c85126c 100644
--- a/services/cameraservice/sinkservice/src/distributedcamera/dcamera_sink_hidumper.cpp
+++ b/services/cameraservice/sinkservice/src/distributedcamera/dcamera_sink_hidumper.cpp
@@ -47,9 +47,6 @@ bool DcameraSinkHidumper::Dump(const std::vector<std::string>& args, std::string
     DHLOGI("DcameraSinkHidumper Dump args.size():%d.", args.size());
     result.clear();
     int32_t argsSize = static_cast<int32_t>(args.size());
-    for (int32_t i = 0; i < argsSize; i++) {
-        DHLOGI("DcameraSinkHidumper Dump args[%d]: %s.", i, args.at(i).c_str());
-    }
 
     if (args.empty()) {
         ShowHelp(result);
@@ -59,6 +56,10 @@ bool DcameraSinkHidumper::Dump(const std::vector<std::string>& args, std::string
         return true;
     }
 
+    for (int32_t i = 0; i < argsSize; i++) {
+        DHLOGI("DcameraSinkHidumper Dump args[%d]: %s.", i, args.at(i).c_str());
+    }
+
     if (ProcessDump(args[0], result) != DCAMERA_OK) {
         return false;
     }
diff --git a/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp b/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp
index 1ae84ce7f4ad3359f7bfe7de5dc0ea9f48320e91..7403f73005b5fc5462e2f1cb3b8d553ebb9cec83 100644
--- a/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp
+++ b/services/cameraservice/sinkservice/src/distributedcamera/distributed_camera_sink_service.cpp
@@ -266,6 +266,10 @@ int32_t DistributedCameraSinkService::CloseChannel(const std::string& dhId)
 int DistributedCameraSinkService::Dump(int32_t fd, const std::vector<std::u16string>& args)
 {
     DHLOGI("DistributedCameraSinkService Dump.");
+    if (args.size() > DUMP_MAX_SIZE) {
+        DHLOGE("DistributedCameraSinkService Dump input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     std::string result;
     std::vector<std::string> argsStr;
     for (auto item : args) {
diff --git a/services/cameraservice/sourceservice/include/distributedcamera/dcamera_source_callback_proxy.h b/services/cameraservice/sourceservice/include/distributedcamera/dcamera_source_callback_proxy.h
index fa9dcbef443858456bf8bcded178b03f44725829..1df2535ffa3c90a12c62cc6645fb7ca17ac59c94 100644
--- a/services/cameraservice/sourceservice/include/distributedcamera/dcamera_source_callback_proxy.h
+++ b/services/cameraservice/sourceservice/include/distributedcamera/dcamera_source_callback_proxy.h
@@ -37,7 +37,12 @@ public:
     int32_t OnNotifyUnregResult(const std::string& devId, const std::string& dhId, const std::string& reqId,
         int32_t status, std::string& data) override;
 private:
+    bool CheckParams(const std::string& devId, const std::string& dhId,
+        const std::string& reqId, std::string& data);
+
     static inline BrokerDelegator<DCameraSourceCallbackProxy> delegator_;
+    const size_t PARAM_MAX_SIZE = 50 * 1024 * 1024;
+    const size_t DID_MAX_SIZE = 256;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_service.h b/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_service.h
index 52d6bba9aa53779745c0a7472b97fe368c67cb9d..8da2db80f82b5a0ed695121bbbabf15d3808181a 100644
--- a/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_service.h
+++ b/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_service.h
@@ -67,6 +67,8 @@ private:
 
     std::shared_ptr<ICameraStateListener> listener_;
     std::string sourceVer_;
+    const size_t MAX_CAMERAS_NUMBER = 32;
+    const size_t DUMP_MAX_SIZE = 10 * 1024;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_stub.h b/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_stub.h
index 1951816d16754d3aa310f366b7b8f74699fd43a8..7b34b3033ba857209be2c6f562490c3b5265d803 100644
--- a/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_stub.h
+++ b/services/cameraservice/sourceservice/include/distributedcamera/distributed_camera_source_stub.h
@@ -35,9 +35,15 @@ private:
     int32_t RegisterDistributedHardwareInner(MessageParcel &data, MessageParcel &reply);
     int32_t UnregisterDistributedHardwareInner(MessageParcel &data, MessageParcel &reply);
     int32_t DCameraNotifyInner(MessageParcel &data, MessageParcel &reply);
+    bool CheckRegParams(const std::string& devId, const std::string& dhId,
+        const std::string& reqId, const EnableParam& param);
+    bool CheckUnregParams(const std::string& devId, const std::string& dhId, const std::string& reqId);
+    bool CheckNotifyParams(const std::string& devId, const std::string& dhId, std::string& events);
 
     using DCameraFunc = int32_t (DistributedCameraSourceStub::*)(MessageParcel &data, MessageParcel &reply);
     std::map<uint32_t, DCameraFunc> memberFuncMap_;
+    const size_t PARAM_MAX_SIZE = 50 * 1024 * 1024;
+    const size_t DID_MAX_SIZE = 256;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sourceservice/include/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.h b/services/cameraservice/sourceservice/include/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.h
index a373ee635aa6da120389a565ffbea921b50c6bf9..9a62703d279bef9e5c2fb4e5e76088922daefde2 100644
--- a/services/cameraservice/sourceservice/include/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.h
+++ b/services/cameraservice/sourceservice/include/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.h
@@ -36,9 +36,17 @@ public:
     int32_t UpdateSettings(const DHBase& dhBase, const std::vector<DCameraSettings>& settings) override;
 
 private:
+    bool CheckDHBase(const DHBase& dhBase);
+    bool CheckStreamInfo(const DCStreamInfo& stream);
+    bool CheckCaptureInfo(const DCCaptureInfo& captureInfo);
+
     std::string devId_;
     std::string dhId_;
     std::weak_ptr<DCameraSourceDev> sourceDev_;
+    const size_t PARAM_MAX_SIZE = 50 * 1024 * 1024;
+    const size_t DID_MAX_SIZE = 256;
+    const int32_t RESOLUTION_MAX_WIDTH = 10000;
+    const int32_t RESOLUTION_MAX_HEIGHT = 10000;
 };
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_callback_proxy.cpp b/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_callback_proxy.cpp
index 3bf4f8da08be8aa55f5223e6006c68075c7ac5d5..dee397ca93c1072856795b726b1f362c0d0ccf58 100644
--- a/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_callback_proxy.cpp
+++ b/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_callback_proxy.cpp
@@ -26,6 +26,10 @@ namespace DistributedHardware {
 int32_t DCameraSourceCallbackProxy::OnNotifyRegResult(const std::string& devId, const std::string& dhId,
     const std::string& reqId, int32_t status, std::string& data)
 {
+    if (!CheckParams(devId, dhId, reqId, data)) {
+        DHLOGE("DCameraSourceCallbackProxy OnNotifyRegResult input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     sptr<IRemoteObject> remote = Remote();
     if (remote == nullptr) {
         DHLOGE("DCameraSourceCallbackProxy remote service null");
@@ -52,6 +56,10 @@ int32_t DCameraSourceCallbackProxy::OnNotifyRegResult(const std::string& devId,
 int32_t DCameraSourceCallbackProxy::OnNotifyUnregResult(const std::string& devId, const std::string& dhId,
     const std::string& reqId, int32_t status, std::string& data)
 {
+    if (!CheckParams(devId, dhId, reqId, data)) {
+        DHLOGE("DCameraSourceCallbackProxy OnNotifyUnregResult input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     sptr<IRemoteObject> remote = Remote();
     if (remote == nullptr) {
         DHLOGE("DCameraSourceCallbackProxy remote service null");
@@ -74,5 +82,20 @@ int32_t DCameraSourceCallbackProxy::OnNotifyUnregResult(const std::string& devId
     int32_t result = reply.ReadInt32();
     return result;
 }
+
+bool DCameraSourceCallbackProxy::CheckParams(const std::string& devId, const std::string& dhId,
+    const std::string& reqId, std::string& data)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DCameraSourceCallbackProxy CheckParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (reqId.empty() || reqId.size() > DID_MAX_SIZE || data.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraSourceCallbackProxy CheckParams reqId or data is invalid");
+        return false;
+    }
+    return true;
+}
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_hidumper.cpp b/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_hidumper.cpp
index 3db25a3ade3a21d57013f69a544fb10b36b2b32a..7b4ab149f6a5bd57f52aae7fed91d018c747beae 100644
--- a/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_hidumper.cpp
+++ b/services/cameraservice/sourceservice/src/distributedcamera/dcamera_source_hidumper.cpp
@@ -60,9 +60,6 @@ bool DcameraSourceHidumper::Dump(const std::vector<std::string>& args, std::stri
     DHLOGI("DcameraSourceHidumper Dump args.size():%d.", args.size());
     result.clear();
     int32_t argsSize = static_cast<int32_t>(args.size());
-    for (int32_t i = 0; i < argsSize; i++) {
-        DHLOGI("DcameraSourceHidumper Dump args[%d]: %s.", i, args.at(i).c_str());
-    }
 
     if (args.empty()) {
         ShowHelp(result);
@@ -72,6 +69,10 @@ bool DcameraSourceHidumper::Dump(const std::vector<std::string>& args, std::stri
         return true;
     }
 
+    for (int32_t i = 0; i < argsSize; i++) {
+        DHLOGI("DcameraSourceHidumper Dump args[%d]: %s.", i, args.at(i).c_str());
+    }
+
     if (ProcessDump(args[0], result) != DCAMERA_OK) {
         return false;
     }
diff --git a/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp b/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp
index 39bebfe4e197991cf1c104c745c28a350031e67c..32e2b987a907628d52832b2df651e60d0c1ba08b 100644
--- a/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp
+++ b/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_service.cpp
@@ -117,6 +117,10 @@ int32_t DistributedCameraSourceService::RegisterDistributedHardware(const std::s
 {
     DHLOGI("DistributedCameraSourceService RegisterDistributedHardware devId: %s, dhId: %s, version: %s",
         GetAnonyString(devId).c_str(), GetAnonyString(dhId).c_str(), param.version.c_str());
+    if (camerasMap_.size() > MAX_CAMERAS_NUMBER) {
+        DHLOGE("DistributedCameraSourceService RegisterDistributedHardware cameras exceed the upper limit");
+        return DCAMERA_BAD_VALUE;
+    }
     DCameraIndex camIndex(devId, dhId);
     std::shared_ptr<DCameraSourceDev> camDev = nullptr;
     int32_t ret = DCAMERA_OK;
@@ -222,6 +226,10 @@ int32_t DistributedCameraSourceService::UnLoadCameraHDF()
 int DistributedCameraSourceService::Dump(int32_t fd, const std::vector<std::u16string>& args)
 {
     DHLOGI("DistributedCameraSourceService Dump.");
+    if (args.size() > DUMP_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceService Dump input is invalid");
+        return DCAMERA_BAD_VALUE;
+    }
     std::string result;
     std::vector<std::string> argsStr;
     for (auto item : args) {
diff --git a/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_stub.cpp b/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_stub.cpp
index e9461b544374c488e91cf79596ee663d5356069b..81dcd86aa51dff2174b06bc0bcf5bc0641ecf172 100644
--- a/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_stub.cpp
+++ b/services/cameraservice/sourceservice/src/distributedcamera/distributed_camera_source_stub.cpp
@@ -58,6 +58,11 @@ int32_t DistributedCameraSourceStub::InitSourceInner(MessageParcel &data, Messag
     int32_t ret = DCAMERA_OK;
     do {
         std::string params = data.ReadString();
+        if (params.empty() || params.size() > PARAM_MAX_SIZE) {
+            DHLOGE("DistributedCameraSourceStub InitSourceInner input params is invalid");
+            ret = DCAMERA_BAD_VALUE;
+            break;
+        }
         sptr<IRemoteObject> remoteObj = data.ReadRemoteObject();
         if (remoteObj == nullptr) {
             DHLOGE("DistributedCameraSourceStub initSource read object failed");
@@ -98,6 +103,11 @@ int32_t DistributedCameraSourceStub::RegisterDistributedHardwareInner(MessagePar
         EnableParam params;
         params.version = data.ReadString();
         params.attrs = data.ReadString();
+        if (!CheckRegParams(devId, dhId, reqId, params)) {
+            DHLOGE("DistributedCameraSourceStub RegisterDistributedHardwareInner input is invalid");
+            ret = DCAMERA_BAD_VALUE;
+            break;
+        }
         ret = RegisterDistributedHardware(devId, dhId, reqId, params);
         DHLOGI("DistributedCameraSourceStub RegisterDistributedHardware %d", ret);
     } while (0);
@@ -105,6 +115,27 @@ int32_t DistributedCameraSourceStub::RegisterDistributedHardwareInner(MessagePar
     return DCAMERA_OK;
 }
 
+bool DistributedCameraSourceStub::CheckRegParams(const std::string& devId, const std::string& dhId,
+    const std::string& reqId, const EnableParam& param)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckRegParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (reqId.empty() || reqId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckRegParams reqId is invalid");
+        return false;
+    }
+
+    if (param.version.empty() || param.version.size() > PARAM_MAX_SIZE ||
+        param.attrs.empty() || param.attrs.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckRegParams param is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DistributedCameraSourceStub::UnregisterDistributedHardwareInner(MessageParcel &data, MessageParcel &reply)
 {
     DHLOGD("DistributedCameraSourceStub UnregisterDistributedHardwareInner");
@@ -113,12 +144,32 @@ int32_t DistributedCameraSourceStub::UnregisterDistributedHardwareInner(MessageP
         std::string devId = data.ReadString();
         std::string dhId = data.ReadString();
         std::string reqId = data.ReadString();
+        if (!CheckUnregParams(devId, dhId, reqId)) {
+            DHLOGE("DistributedCameraSourceService UnregisterDistributedHardware input is invalid");
+            ret = DCAMERA_BAD_VALUE;
+            break;
+        }
         ret = UnregisterDistributedHardware(devId, dhId, reqId);
     } while (0);
     reply.WriteInt32(ret);
     return DCAMERA_OK;
 }
 
+bool DistributedCameraSourceStub::CheckUnregParams(const std::string& devId, const std::string& dhId,
+    const std::string& reqId)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckUnregParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (reqId.empty() || reqId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckUnregParams reqId is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DistributedCameraSourceStub::DCameraNotifyInner(MessageParcel &data, MessageParcel &reply)
 {
     int32_t ret = DCAMERA_OK;
@@ -126,10 +177,30 @@ int32_t DistributedCameraSourceStub::DCameraNotifyInner(MessageParcel &data, Mes
         std::string devId = data.ReadString();
         std::string dhId = data.ReadString();
         std::string events = data.ReadString();
+        if (!CheckNotifyParams(devId, dhId, events)) {
+            DHLOGE("DistributedCameraSourceStub DCameraNotifyInner input is invalid");
+            ret = DCAMERA_BAD_VALUE;
+            break;
+        }
         ret = DCameraNotify(devId, dhId, events);
     } while (0);
     reply.WriteInt32(ret);
     return DCAMERA_OK;
 }
+
+bool DistributedCameraSourceStub::CheckNotifyParams(const std::string& devId, const std::string& dhId,
+    std::string& events)
+{
+    if (devId.empty() || devId.size() > DID_MAX_SIZE || dhId.empty() || dhId.size() > DID_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckNotifyParams devId or dhId is invalid");
+        return false;
+    }
+
+    if (events.empty() || events.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DistributedCameraSourceStub CheckNotifyParams events is invalid");
+        return false;
+    }
+    return true;
+}
 } // namespace DistributedHardware
 } // namespace OHOS
diff --git a/services/cameraservice/sourceservice/src/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.cpp b/services/cameraservice/sourceservice/src/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.cpp
index 47cafff03b4f9b86448398980a9d248f63792f19..d292121834f0a78404034d4141bc1fe03b8f7941 100644
--- a/services/cameraservice/sourceservice/src/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.cpp
+++ b/services/cameraservice/sourceservice/src/distributedcameramgr/dcamerahdf/dcamera_provider_callback_impl.cpp
@@ -41,6 +41,10 @@ int32_t DCameraProviderCallbackImpl::OpenSession(const DHBase& dhBase)
 {
     DHLOGI("DCameraProviderCallbackImpl OpenSession devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase)) {
+        DHLOGE("DCameraProviderCallbackImpl OpenSession input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl OpenSession failed, can not get device, devId: %s, dhId: %s",
@@ -61,6 +65,10 @@ int32_t DCameraProviderCallbackImpl::CloseSession(const DHBase& dhBase)
 {
     DHLOGI("DCameraProviderCallbackImpl CloseSession devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase)) {
+        DHLOGE("DCameraProviderCallbackImpl CloseSession input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl CloseSession failed, can not get device, devId: %s, dhId: %s",
@@ -77,11 +85,25 @@ int32_t DCameraProviderCallbackImpl::CloseSession(const DHBase& dhBase)
     return SUCCESS;
 }
 
+bool DCameraProviderCallbackImpl::CheckDHBase(const DHBase& dhBase)
+{
+    if (dhBase.deviceId_.empty() || dhBase.deviceId_.size() > DID_MAX_SIZE ||
+        dhBase.dhId_.empty() || dhBase.dhId_.size() > DID_MAX_SIZE ) {
+        DHLOGE("DCameraProviderCallbackImpl CheckDHBase dhBase is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DCameraProviderCallbackImpl::ConfigureStreams(const DHBase& dhBase,
     const std::vector<DCStreamInfo>& streamInfos)
 {
     DHLOGI("DCameraProviderCallbackImpl ConfigStreams devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase) || streamInfos.empty() || streamInfos.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraProviderCallbackImpl ConfigStreams input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl ConfigStreams failed, can not get device, devId: %s, dhId: %s",
@@ -90,6 +112,10 @@ int32_t DCameraProviderCallbackImpl::ConfigureStreams(const DHBase& dhBase,
     }
     std::vector<std::shared_ptr<DCStreamInfo>> streams;
     for (auto iter = streamInfos.begin(); iter != streamInfos.end(); iter++) {
+        if (!CheckStreamInfo(*iter)) {
+            DHLOGE("DCameraProviderCallbackImpl ConfigStreams streamInfo is invalid");
+            return FAILED;
+        }
         std::shared_ptr<DCStreamInfo> stream = std::make_shared<DCStreamInfo>();
         stream->streamId_ = iter->streamId_;
         stream->width_ = iter->width_;
@@ -110,10 +136,29 @@ int32_t DCameraProviderCallbackImpl::ConfigureStreams(const DHBase& dhBase,
     return SUCCESS;
 }
 
+bool DCameraProviderCallbackImpl::CheckStreamInfo(const DCStreamInfo& stream)
+{
+    if (stream.streamId_ < 0 || stream.width_ < 0 || stream.height_ < 0 ||
+        (stream.width_ * stream.height_ > RESOLUTION_MAX_WIDTH * RESOLUTION_MAX_HEIGHT)) {
+        DHLOGE("DCameraProviderCallbackImpl CheckStreamInfo stream is invalid");
+        return false;
+    }
+
+    if (stream.stride_ < 0 || stream.format_ < 0 || stream.dataspace_ < 0) {
+        DHLOGE("DCameraProviderCallbackImpl CheckStreamInfo stream is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DCameraProviderCallbackImpl::ReleaseStreams(const DHBase& dhBase, const std::vector<int>& streamIds)
 {
     DHLOGI("DCameraProviderCallbackImpl ReleaseStreams devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase) || streamIds.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraProviderCallbackImpl ReleaseStreams input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl ReleaseStreams failed, can not get device, devId: %s, dhId: %s",
@@ -133,6 +178,10 @@ int32_t DCameraProviderCallbackImpl::StartCapture(const DHBase& dhBase, const st
 {
     DHLOGI("DCameraProviderCallbackImpl StartCapture devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase) || captureInfos.empty() || captureInfos.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraProviderCallbackImpl StartCapture input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl StartCapture failed, can not get device, devId: %s, dhId: %s",
@@ -142,6 +191,16 @@ int32_t DCameraProviderCallbackImpl::StartCapture(const DHBase& dhBase, const st
 
     std::vector<std::shared_ptr<DCCaptureInfo>> captures;
     for (auto iter = captureInfos.begin(); iter != captureInfos.end(); iter++) {
+        if (!CheckCaptureInfo(*iter)) {
+            DHLOGE("DCameraProviderCallbackImpl StartCapture captureInfo is invalid");
+            return FAILED;
+        }
+        for (auto item : iter->captureSettings_) {
+            if (item.value_.size() > PARAM_MAX_SIZE) {
+                DHLOGE("DCameraProviderCallbackImpl StartCapture captureSettings value is too long");
+                return FAILED;
+            }
+        }
         std::shared_ptr<DCCaptureInfo> capture = std::make_shared<DCCaptureInfo>();
         capture->streamIds_.assign(iter->streamIds_.begin(), iter->streamIds_.end());
         capture->width_ = iter->width_;
@@ -164,10 +223,30 @@ int32_t DCameraProviderCallbackImpl::StartCapture(const DHBase& dhBase, const st
     return SUCCESS;
 }
 
+bool DCameraProviderCallbackImpl::CheckCaptureInfo(const DCCaptureInfo& captureInfo)
+{
+    if (sizeof(captureInfo.streamIds_) > PARAM_MAX_SIZE || captureInfo.width_ < 0 || captureInfo.height_ < 0 ||
+        (captureInfo.width_ * captureInfo.height_ > RESOLUTION_MAX_WIDTH * RESOLUTION_MAX_HEIGHT)) {
+        DHLOGE("DCameraProviderCallbackImpl CheckCaptureInfo captureInfo is invalid");
+        return false;
+    }
+
+    if (captureInfo.stride_ < 0 || captureInfo.format_ < 0 || captureInfo.dataspace_ < 0 ||
+        sizeof(captureInfo.captureSettings_) > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraProviderCallbackImpl CheckCaptureInfo captureInfo is invalid");
+        return false;
+    }
+    return true;
+}
+
 int32_t DCameraProviderCallbackImpl::StopCapture(const DHBase& dhBase, const std::vector<int>& streamIds)
 {
     DHLOGI("DCameraProviderCallbackImpl StopCapture devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase) || streamIds.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraProviderCallbackImpl StopCapture input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl StopCapture failed, can not get device, devId: %s, dhId: %s",
@@ -187,6 +266,10 @@ int32_t DCameraProviderCallbackImpl::UpdateSettings(const DHBase& dhBase, const
 {
     DHLOGI("DCameraProviderCallbackImpl UpdateSettings devId: %s dhId: %s", GetAnonyString(devId_).c_str(),
         GetAnonyString(dhId_).c_str());
+    if (!CheckDHBase(dhBase) || settings.size() > PARAM_MAX_SIZE) {
+        DHLOGE("DCameraProviderCallbackImpl UpdateSettings input is invalid");
+        return FAILED;
+    }
     std::shared_ptr<DCameraSourceDev> sourceDev = sourceDev_.lock();
     if (sourceDev == nullptr) {
         DHLOGE("DCameraProviderCallbackImpl UpdateSettings failed, can not get device, devId: %s, dhId: %s",
@@ -196,6 +279,10 @@ int32_t DCameraProviderCallbackImpl::UpdateSettings(const DHBase& dhBase, const
 
     std::vector<std::shared_ptr<DCameraSettings>> settingInfos;
     for (auto iter = settings.begin(); iter != settings.end(); iter++) {
+        if (iter->value_.size() > PARAM_MAX_SIZE) {
+            DHLOGE("DCameraProviderCallbackImpl UpdateSettings value is too long");
+            return FAILED;
+        }
         std::shared_ptr<DCameraSettings> settingInfo = std::make_shared<DCameraSettings>();
         settingInfo->type_ = iter->type_;
         settingInfo->value_ = iter->value_;
diff --git a/services/channel/src/dcamera_softbus_session.cpp b/services/channel/src/dcamera_softbus_session.cpp
index cf51e1e221050e68272b07d5c76f97e5ab2c54e3..328847a0f4abe420674a4feaed47ae54b95407d3 100644
--- a/services/channel/src/dcamera_softbus_session.cpp
+++ b/services/channel/src/dcamera_softbus_session.cpp
@@ -213,6 +213,7 @@ void DCameraSoftbusSession::AssembleFrag(std::shared_ptr<DataBuffer>& buffer, Se
     if (headerPara.fragFlag == FRAG_MID || headerPara.fragFlag == FRAG_END) {
         int32_t ret = CheckUnPackBuffer(headerPara);
         if (ret != DCAMERA_OK) {
+            ResetAssembleFrag();
             return;
         }
 
diff --git a/services/data_process/include/pipeline_node/multimedia_codec/decoder/decode_data_process.h b/services/data_process/include/pipeline_node/multimedia_codec/decoder/decode_data_process.h
index dd0937a2e7b07e603aea654d0c5e28cef12d2921..0b6913be0161e20ea4d6582a8cc0520baafc7707 100644
--- a/services/data_process/include/pipeline_node/multimedia_codec/decoder/decode_data_process.h
+++ b/services/data_process/include/pipeline_node/multimedia_codec/decoder/decode_data_process.h
@@ -111,6 +111,8 @@ private:
     constexpr static int32_t RGB32_MEMORY_COEFFICIENT = 4;
     constexpr static int32_t YUV_BYTES_PER_PIXEL = 3;
     constexpr static int32_t Y2UV_RATIO = 2;
+    constexpr static int32_t BUFFER_MAX_SIZE = 50 * 1024 * 1024;
+    constexpr static int32_t ALIGNED_WIDTH_MAX_SIZE = 10000;
 
     std::shared_ptr<EventBus> eventBusPipeline_;
     std::weak_ptr<DCameraPipelineSource> callbackPipelineSource_;
diff --git a/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process.cpp b/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process.cpp
index 95033078583a88fdf981292e8e80e14d90b22af0..98a502268485c2dddcef0a868b52d76f5b78916c 100644
--- a/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process.cpp
+++ b/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process.cpp
@@ -493,6 +493,10 @@ void DecodeDataProcess::GetDecoderOutputBuffer(const sptr<Surface>& surface)
         return;
     }
     int32_t alignedWidth = surfaceBuffer->GetStride();
+    if (surfaceBuffer->GetSize() > BUFFER_MAX_SIZE || alignedWidth > ALIGNED_WIDTH_MAX_SIZE) {
+        DHLOGE("surface buffer size or alignedWidth too long");
+        return;
+    }
     int32_t alignedHeight = alignedHeight_;
     DHLOGD("OutputBuffer alignedWidth %d, alignedHeight %d, TimeUs %lld.", alignedWidth, alignedHeight, timeStampUs);
     CopyDecodedImage(surfaceBuffer, timeStampUs, alignedWidth, alignedHeight);
diff --git a/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process_common.cpp b/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process_common.cpp
index c06b08e34174ec9d418901b8f4e4d96b73bb0aef..b247424bdfb0c45ffa3ba15a7e2da294e9bcb65b 100644
--- a/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process_common.cpp
+++ b/services/data_process/src/pipeline_node/multimedia_codec/decoder/decode_data_process_common.cpp
@@ -482,6 +482,10 @@ void DecodeDataProcess::GetDecoderOutputBuffer(const sptr<Surface>& surface)
         return;
     }
     int32_t alignedWidth = surfaceBuffer->GetStride();
+    if (surfaceBuffer->GetSize() > BUFFER_MAX_SIZE || alignedWidth > ALIGNED_WIDTH_MAX_SIZE) {
+        DHLOGE("surface buffer size or alignedWidth too long");
+        return;
+    }
     int32_t alignedHeight = alignedHeight_;
     DHLOGD("OutputBuffer alignedWidth %d, alignedHeight %d, TimeUs %lld.", alignedWidth, alignedHeight, timeStampUs);
     CopyDecodedImage(surfaceBuffer, timeStampUs, alignedWidth, alignedHeight);