diff --git a/frameworks/rand/rand.c b/frameworks/rand/rand.c
index b4a1d97bdf5f49c7c9960cf3780b1b575e8ed5ca..2e46186b82b3844304f7fa18ef3d61f8cd29c0f9 100644
--- a/frameworks/rand/rand.c
+++ b/frameworks/rand/rand.c
@@ -74,7 +74,7 @@ static HcfResult GenerateRandom(HcfRand *self, int32_t numBytes, HcfBlob *random
 
 static HcfResult SetSeed(HcfRand *self, HcfBlob *seed)
 {
-    if ((self == NULL) || (!IsBlobValid(seed))) {
+    if ((self == NULL) || (!IsBlobValid(seed)) || (seed->len > HCF_MAX_BUFFER_LEN)) {
         LOGE("The input self ptr is NULL!");
         return HCF_INVALID_PARAMS;
     }
diff --git a/plugin/openssl_plugin/crypto_operation/hmac/src/mac_openssl.c b/plugin/openssl_plugin/crypto_operation/hmac/src/mac_openssl.c
index 00abbbf4ea604f3b5df212a9439baf211757d736..ce187c42fee87cf54a7948b4a2d229bfd123b00b 100644
--- a/plugin/openssl_plugin/crypto_operation/hmac/src/mac_openssl.c
+++ b/plugin/openssl_plugin/crypto_operation/hmac/src/mac_openssl.c
@@ -141,7 +141,12 @@ static uint32_t OpensslEngineGetMacLength(HcfMacSpi *self)
         LOGE("The CTX is NULL!");
         return HCF_ERR_CRYPTO_OPERATION;
     }
-    return HMAC_size(OpensslGetMacCtx(self));
+    int32_t size = HMAC_size(OpensslGetMacCtx(self));
+    if (size < 0) {
+        LOGE("Get the overflow path length in openssl!");
+        return 0;
+    }
+    return size;
 }
 
 static void OpensslDestroyMac(HcfObjectBase *self)
diff --git a/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c b/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c
index c34c5ae234a882c24b2458f58a3ae477bbc71e49..fc8bae5cfbdcec45ffaa5fa6afae859f7cbe783c 100644
--- a/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c
+++ b/plugin/openssl_plugin/crypto_operation/md/src/md_openssl.c
@@ -114,7 +114,11 @@ static uint32_t OpensslEngineGetMdLength(HcfMdSpi *self)
         LOGE("The CTX is NULL!");
         return 0;
     }
-    uint32_t size = EVP_MD_CTX_size(OpensslGetMdCtx(self));
+    int32_t size = EVP_MD_CTX_size(OpensslGetMdCtx(self));
+    if (size < 0) {
+        LOGE("Get the overflow path length in openssl!");
+        return 0;
+    }
     return size;
 }
 
diff --git a/test/unittest/src/crypto_md_test.cpp b/test/unittest/src/crypto_md_test.cpp
index ee2da93226788b82ff69eded657394b2c369ca74..6bdb968b5d6ff3a1cf3e7ca8aa25022835982af9 100644
--- a/test/unittest/src/crypto_md_test.cpp
+++ b/test/unittest/src/crypto_md_test.cpp
@@ -67,6 +67,12 @@ static void PrintfBlobInHex(uint8_t *data, size_t dataLen)
     printf("\n");
 }
 
+/**
+ * @tc.name: CryptoFrameworkMdTest.CryptoFrameworkMdCreateTest001
+ * @tc.desc: Verify that the creation of the SHA1 Md obj is normal.
+ * @tc.type: FUNC
+ * @tc.require: I5QWEM
+ */
 HWTEST_F(CryptoMdTest, CryptoFrameworkMdCreateTest001, TestSize.Level0)
 {
     int32_t ret = 0;
diff --git a/test/unittest/src/crypto_rand_test.cpp b/test/unittest/src/crypto_rand_test.cpp
index a31f6e982cfd9c75269e6548a4704c7b8e125747..d99f79d9ac060804da159ef9ced993cf3ed34196 100644
--- a/test/unittest/src/crypto_rand_test.cpp
+++ b/test/unittest/src/crypto_rand_test.cpp
@@ -44,6 +44,12 @@ void CryptoRandTest::TearDown() // add destroy here, this will be called when te
 {
 }
 
+/**
+ * @tc.name: CryptoFrameworkRandTest.CryptoFrameworkRandCreateTest001
+ * @tc.desc: Verify that the creation of the random obj is normal.
+ * @tc.type: FUNC
+ * @tc.require: I5QWEN
+ */
 HWTEST_F(CryptoRandTest, CryptoFrameworkRandCreateTest001, TestSize.Level0)
 {
     int32_t ret = 0;