diff --git a/adapter/uhdf2/manager/src/devmgr_uevent.c b/adapter/uhdf2/manager/src/devmgr_uevent.c
index b69fc0a2583d8ee20042ad1399bc720305de18b1..47dbcca04004bbb49851ea4ff2dfe2922d0cd5ad 100644
--- a/adapter/uhdf2/manager/src/devmgr_uevent.c
+++ b/adapter/uhdf2/manager/src/devmgr_uevent.c
@@ -113,6 +113,10 @@ static void DevMgrUeventReplaceLineFeed(char *str, const char *subStr, char c)
     while ((ptr = strstr(str, subStr)) != NULL) {
         ptr[0] = c;
         uint32_t i = 1;
+        if (strlen(ptr) < 1 || strlen(ptr) > SIZE_MAX) {
+            HDF_LOGE("strlen(ptr) overflows");
+            return;
+        }
         const size_t len = strlen(ptr) - 1;
         for (; i < len; i++) {
             ptr[i] = ptr[i + 1];
diff --git a/framework/support/posix/src/osal_time.c b/framework/support/posix/src/osal_time.c
index 149234cae17277ae609130ff35e2c7a8d8c53b56..67c386a1e9a82d2ec364d1879f94c8b5ed7b4b34 100644
--- a/framework/support/posix/src/osal_time.c
+++ b/framework/support/posix/src/osal_time.c
@@ -51,7 +51,8 @@ int32_t OsalDiffTime(const OsalTimespec *start, const OsalTimespec *end, OsalTim
         usec = (HDF_KILO_UNIT * HDF_KILO_UNIT);
         sec = 1;
     }
-    if (end->sec - start->sec > UINT64_MAX  - sec) {
+
+    if (end->sec - start->sec - sec < 0 || end->sec > UINT64_MAX - sec - start->sec) {
         HDF_LOGE("%s end time invalid", __func__);
         return HDF_ERR_INVALID_PARAM;
     }
diff --git a/framework/utils/src/hdf_map.c b/framework/utils/src/hdf_map.c
index 31df0b9061639e9c3b3dd1e6e31a4349b4e09551..6a11063f6725e1a9a57454703cb6cee0904fb7b9 100644
--- a/framework/utils/src/hdf_map.c
+++ b/framework/utils/src/hdf_map.c
@@ -45,7 +45,7 @@ static uint32_t MapHash(const char *hashKey)
 
 static uint32_t MapHashIdx(const Map *map, uint32_t hash)
 {
-    if (map->bucketSize > HDF_UINT32_MAX) {
+    if (map->bucketSize < 1 || map->bucketSize > HDF_UINT32_MAX) {
         return 0;
     }
     return (hash & (map->bucketSize - 1));
diff --git a/interfaces/inner_api/hdi/base/hdi_smq.h b/interfaces/inner_api/hdi/base/hdi_smq.h
index 73ff7c7f79f2ff28652842c6438910b4be52f202..ecdc37ee7199e2da3488221fa431d1a08101456f 100644
--- a/interfaces/inner_api/hdi/base/hdi_smq.h
+++ b/interfaces/inner_api/hdi/base/hdi_smq.h
@@ -401,7 +401,7 @@ bool SharedMemQueue<T>::IsGood()
 template <typename T>
 size_t SharedMemQueue<T>::Align(size_t num, size_t alignSize)
 {
-    if ((num + alignSize - 1) < 0 || num > (SIZE_MAX - alignSize)) {
+    if ((num + alignSize) < 1 || num > (SIZE_MAX - alignSize) || alignSize > (SIZE_MAX - num)) {
         HDF_LOGE("Invalid parameter num or alignSize");
         return 0;
     }