diff --git a/security_lite/huks/common/hks_test_file_operator.c b/security_lite/huks/common/hks_test_file_operator.c
index 735f361a8ee7e0678565be230a08e47d228288be..96353ff6db9acc7caaba478eac3b5f3873e1a40d 100644
--- a/security_lite/huks/common/hks_test_file_operator.c
+++ b/security_lite/huks/common/hks_test_file_operator.c
@@ -104,6 +104,9 @@ static uint32_t FileRead(const char *fileName, uint32_t offset, uint8_t *buf, ui
     }
 
     char filePath[PATH_MAX + 1] = {0};
+    if (memcpy_s(filePath, sizeof(filePath) - 1, fileName, strlen(fileName)) != EOK) {
+        return HKS_ERROR_BAD_STATE;
+    }
     if (strstr(filePath, "../") != NULL) {
         HKS_TEST_LOG_E("invalid filePath, path %s", filePath);
         return 0;