diff --git a/0001-46-Check-empty-pointer-before-referenced.patch b/0001-46-Check-empty-pointer-before-referenced.patch
new file mode 100644
index 0000000000000000000000000000000000000000..499405586e927a3587e6b772f70214797dacfb3a
--- /dev/null
+++ b/0001-46-Check-empty-pointer-before-referenced.patch
@@ -0,0 +1,176 @@
+From 5750fedb9125af7c8d4ec5ef41d06ae72b728244 Mon Sep 17 00:00:00 2001
+From: jake <jikai11@huawei.com>
+Date: Wed, 30 Aug 2023 05:06:57 +0000
+Subject: [PATCH 1/2] !46 Check empty pointer before referenced * Fix empty
+ pointer and overflow
+
+---
+ src/api.c             |  8 ++++++++
+ src/conf.c            |  3 +++
+ src/invoke/exec.c     |  2 ++
+ src/types/types.c     | 23 +++++++++++++++++++++++
+ src/utils.c           |  2 +-
+ src/version/version.c |  5 +++++
+ 6 files changed, 42 insertions(+), 1 deletion(-)
+
+diff --git a/src/api.c b/src/api.c
+index 13a4ec8..460223f 100644
+--- a/src/api.c
++++ b/src/api.c
+@@ -844,6 +844,10 @@ int cni_conf_from_file(const char *filename, struct cni_network_conf **config, c
+         ERROR("Empty err");
+         return -1;
+     }
++    if (config == NULL) {
++        ERROR("Empty config");
++        return -1;
++    }
+     ret = conf_from_file(filename, &netconf, err);
+     if (ret != 0) {
+         ERROR("Parse conf file: %s failed: %s", filename, *err != NULL ? *err : "");
+@@ -932,6 +936,10 @@ int cni_conflist_from_file(const char *filename, struct cni_network_list_conf **
+         ERROR("Empty err");
+         return -1;
+     }
++    if (list == NULL) {
++        ERROR("Empty list");
++        return -1;
++    }
+     ret = conflist_from_file(filename, &tmp_cni_net_conf_list, err);
+     if (ret != 0) {
+         return ret;
+diff --git a/src/conf.c b/src/conf.c
+index d1ff3d9..a3214b3 100644
+--- a/src/conf.c
++++ b/src/conf.c
+@@ -495,6 +495,7 @@ int load_conf(const char *dir, const char *name, struct network_config **conf, c
+             *err = clibcni_util_strdup_s("Out of memory");
+         }
+         ERROR("no net configurations found in %s", dir);
++        ret = -1;
+         goto free_out;
+     }
+ 
+@@ -538,6 +539,7 @@ static int generate_new_conflist(const cni_net_conf_list *list, struct network_c
+             *err = clibcni_util_strdup_s("Out of memory");
+         }
+         ERROR("Generate conf list json failed: %s", jerr);
++        ret = -1;
+         goto free_out;
+     }
+     free(jerr);
+@@ -551,6 +553,7 @@ static int generate_new_conflist(const cni_net_conf_list *list, struct network_c
+             *err = clibcni_util_strdup_s("Out of memory");
+         }
+         ERROR("Parse conf list from json failed: %s", jerr);
++        ret  = -1;
+         goto free_out;
+     }
+     ret = 0;
+diff --git a/src/invoke/exec.c b/src/invoke/exec.c
+index becba55..16d53ea 100644
+--- a/src/invoke/exec.c
++++ b/src/invoke/exec.c
+@@ -72,6 +72,7 @@ static int do_parse_exec_stdout_str(int exec_ret, const char *cni_net_conf_json,
+             goto out;
+         }
+         if (clibcni_is_null_or_empty(stdout_str)) {
++            ret = -1;
+             ERROR("Get empty stdout message");
+             goto out;
+         }
+@@ -140,6 +141,7 @@ int exec_plugin_without_result(const char *plugin_path, const char *cni_net_conf
+         envs = as_env(cniargs);
+         if (envs == NULL) {
+             *err = clibcni_util_strdup_s("As env failed");
++            ret = -1;
+             goto out;
+         }
+     }
+diff --git a/src/types/types.c b/src/types/types.c
+index a9a04e7..24e3f1b 100644
+--- a/src/types/types.c
++++ b/src/types/types.c
+@@ -453,6 +453,12 @@ static int get_ipv6_mask(const struct ipnet *value, size_t iplen, uint8_t **mask
+         (void)memcpy(*mask, (value->ip_mask + IPV4_TO_V6_EMPTY_PREFIX_BYTES), IPV4LEN);
+         return IPV4LEN;
+     } else {
++        *mask = clibcni_util_smart_calloc_s(IPV6LEN, sizeof(uint8_t));
++        if (*mask == NULL) {
++            *err = clibcni_util_strdup_s("Out of memory");
++            ERROR("Out of memory");
++            return 0;
++        }
+         (void)memcpy(*mask, value->ip_mask, IPV6LEN);
+         return IPV6LEN;
+     }
+@@ -551,6 +557,10 @@ char *ipnet_to_string(const struct ipnet *value, char **err)
+     int nret = 0;
+     size_t res_len = 0;
+ 
++    if (value == NULL || err == NULL) {
++        ERROR("Invalid arg");
++        return NULL;
++    }
+     iplen = try_to_ipv4(value, &ip, err);
+     if (iplen == 0) {
+         goto free_out;
+@@ -686,6 +696,14 @@ int parse_ip_from_str(const char *addr, uint8_t **ips, size_t *len, char **err)
+         ERROR("Empty address");
+         return -1;
+     }
++    if (err == NULL) {
++        ERROR("Empty err");
++        return -1;
++    }
++    if (ips == NULL || len == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
+     nret = inet_pton(AF_INET, addr, &ipv4);
+     if (nret < 0) {
+         nret = asprintf(err, "ipv4 inet_pton %s", strerror(errno));
+@@ -754,6 +772,11 @@ int parse_cidr(const char *cidr_str, struct ipnet **ipnet_val, char **err)
+         return -1;
+     }
+ 
++    if (ipnet_val == NULL || err == NULL) {
++        ERROR("Invalid argument");
++        return -1;
++    }
++
+     work_cidr = clibcni_util_strdup_s(cidr_str);
+ 
+     result = clibcni_util_common_calloc_s(sizeof(struct ipnet));
+diff --git a/src/utils.c b/src/utils.c
+index 4308b62..8efa330 100644
+--- a/src/utils.c
++++ b/src/utils.c
+@@ -417,7 +417,7 @@ int clibcni_util_safe_uint(const char *numstr, unsigned int *converted)
+     char *err_str = NULL;
+     unsigned long long ull = 0;
+ 
+-    if (converted == NULL) {
++    if (numstr == NULL || converted == NULL) {
+         return -1;
+     }
+     errno = 0;
+diff --git a/src/version/version.c b/src/version/version.c
+index 058e30f..00aa149 100644
+--- a/src/version/version.c
++++ b/src/version/version.c
+@@ -75,6 +75,11 @@ struct plugin_info *plugin_supports(const char * const *supported_versions, size
+     size_t size = 0;
+     bool invalid_arg = (supported_versions == NULL || len < 1);
+ 
++    if (errmsg == NULL) {
++        ERROR("Empty errmsg");
++        return NULL;
++    }
++
+     if (invalid_arg) {
+         *errmsg = clibcni_util_strdup_s("Invalid version argument");
+         return NULL;
+-- 
+2.33.0
+
diff --git a/0002-47-remove-unnecessary-strerror.patch b/0002-47-remove-unnecessary-strerror.patch
new file mode 100644
index 0000000000000000000000000000000000000000..329807f08d06aabc0a79d7e334e3b047eba49019
--- /dev/null
+++ b/0002-47-remove-unnecessary-strerror.patch
@@ -0,0 +1,250 @@
+From e782318607aa5f1b2cf2fcf003a5a12066877714 Mon Sep 17 00:00:00 2001
+From: haozi007 <liuhao27@huawei.com>
+Date: Thu, 7 Sep 2023 07:39:18 +0000
+Subject: [PATCH 2/2] !47 remove unnecessary strerror * remove unnecessary
+ strerror
+
+---
+ src/api.c          | 36 ++++++++++++++++++++----------------
+ src/conf.c         | 12 ++++++------
+ src/invoke/exec.c  | 17 +++++++++--------
+ src/invoke/tools.c |  2 +-
+ src/types/types.c  |  6 ++++--
+ src/utils.c        |  2 +-
+ 6 files changed, 41 insertions(+), 34 deletions(-)
+
+diff --git a/src/api.c b/src/api.c
+index 460223f..4541496 100644
+--- a/src/api.c
++++ b/src/api.c
+@@ -299,6 +299,22 @@ out:
+     return ret;
+ }
+ 
++static void format_invoke_err_msg(const char *name, int save_errno, char **err)
++{
++    const char *invoke_err = get_invoke_err_msg(save_errno);
++
++    if (asprintf(err, "find plugin: \"%s\" failed: %s", name, invoke_err != NULL ? invoke_err : "") < 0) {
++        *err = clibcni_util_strdup_s("Out of memory");
++    }
++
++    if (invoke_err != NULL) {
++        ERROR("find plugin: \"%s\" failed: %s", name, invoke_err);
++        return;
++    }
++    errno = save_errno;
++    SYSERROR("find plugin: \"%s\" failed", name);
++}
++
+ static int run_cni_plugin(const struct network_config_list *list, size_t i, const char *operator,
+                           const struct runtime_conf *rc, const char * const *paths, size_t paths_len,
+                           struct result **pret, char **err)
+@@ -320,10 +336,7 @@ static int run_cni_plugin(const struct network_config_list *list, size_t i, cons
+ 
+     ret = find_in_path(net.network->type, paths, paths_len, &plugin_path, &save_errno);
+     if (ret != 0) {
+-        if (asprintf(err, "find plugin: \"%s\" failed: %s", net.network->type, get_invoke_err_msg(save_errno)) < 0) {
+-            *err = clibcni_util_strdup_s("Out of memory");
+-        }
+-        ERROR("find plugin: \"%s\" failed: %s", net.network->type, get_invoke_err_msg(save_errno));
++        format_invoke_err_msg(net.network->type, save_errno, err);
+         goto free_out;
+     }
+ 
+@@ -448,10 +461,7 @@ static int add_network(const struct network_config *net, const struct runtime_co
+     }
+     ret = find_in_path(net->network->type, paths, paths_len, &plugin_path, &save_errno);
+     if (ret != 0) {
+-        if (asprintf(err, "find plugin: \"%s\" failed: %s", net->network->type, get_invoke_err_msg(save_errno)) < 0) {
+-            *err = clibcni_util_strdup_s("Out of memory");
+-        }
+-        ERROR("find plugin: \"%s\" failed: %s", net->network->type, get_invoke_err_msg(save_errno));
++        format_invoke_err_msg(net->network->type, save_errno, err);
+         goto free_out;
+     }
+ 
+@@ -496,10 +506,7 @@ static int del_network(const struct network_config *net, const struct runtime_co
+     }
+     ret = find_in_path(net->network->type, paths, paths_len, &plugin_path, &save_errno);
+     if (ret != 0) {
+-        if (asprintf(err, "find plugin: \"%s\" failed: %s", net->network->type, get_invoke_err_msg(save_errno)) < 0) {
+-            *err = clibcni_util_strdup_s("Out of memory");
+-        }
+-        ERROR("find plugin: \"%s\" failed: %s", net->network->type, get_invoke_err_msg(save_errno));
++        format_invoke_err_msg(net->network->type, save_errno, err);
+         goto free_out;
+     }
+ 
+@@ -814,10 +821,7 @@ int cni_get_version_info(const char *plugin_type, char **paths, struct plugin_in
+     len = clibcni_util_array_len((const char * const *)paths);
+     ret = find_in_path(plugin_type, (const char * const *)paths, len, &plugin_path, &save_errno);
+     if (ret != 0) {
+-        if (asprintf(err, "find plugin: \"%s\" failed: %s", plugin_type, get_invoke_err_msg(save_errno)) < 0) {
+-            *err = clibcni_util_strdup_s("Out of memory");
+-        }
+-        ERROR("find plugin: \"%s\" failed: %s", plugin_type, get_invoke_err_msg(save_errno));
++        format_invoke_err_msg(plugin_type, save_errno, err);
+         return ret;
+     }
+ 
+diff --git a/src/conf.c b/src/conf.c
+index a3214b3..4d74b73 100644
+--- a/src/conf.c
++++ b/src/conf.c
+@@ -107,10 +107,10 @@ static char *do_get_cni_net_confs_json(const char *filename, char **err)
+ 
+     content = clibcni_util_read_text_file(filename);
+     if (content == NULL) {
+-        if (asprintf(err, "Read file %s failed: %s", filename, strerror(errno)) < 0) {
++        SYSERROR("Read file %s failed", filename);
++        if (asprintf(err, "Read file %s failed", filename) < 0) {
+             *err = clibcni_util_strdup_s("Read file failed");
+         }
+-        ERROR("Read file %s failed: %s", filename, strerror(errno));
+     }
+ 
+     return content;
+@@ -303,10 +303,10 @@ static int check_conf_dir(const char *dir, DIR **directory, char **err)
+         if (errno == ENOENT) {
+             return 0;
+         }
+-        if (asprintf(err, "Open dir failed: %s", strerror(errno)) < 0) {
++        SYSERROR("Open dir: %s failed", dir);
++        if (asprintf(err, "Open dir: %s failed", dir) < 0) {
+             *err = clibcni_util_strdup_s("Out of memory");
+         }
+-        SYSERROR("Open dir failed");
+         return -1;
+     }
+     return 1;
+@@ -319,11 +319,11 @@ static int do_check_file_is_valid(const char *fname, int *result, char **err)
+ 
+     nret = lstat(fname, &tmp_fstat);
+     if (nret != 0) {
+-        nret = asprintf(err, "lstat %s failed: %s", fname, strerror(errno));
++        SYSERROR("lstat %s failed", fname);
++        nret = asprintf(err, "check file %s failed", fname);
+         if (nret < 0) {
+             *err = clibcni_util_strdup_s("Out of memory");
+         }
+-        SYSERROR("lstat %s failed", fname);
+         *result = -1;
+         return -1;
+     }
+diff --git a/src/invoke/exec.c b/src/invoke/exec.c
+index 16d53ea..4ce4b5d 100644
+--- a/src/invoke/exec.c
++++ b/src/invoke/exec.c
+@@ -354,7 +354,8 @@ static int prepare_raw_exec(const char *plugin_path, int pipe_stdin[2], int pipe
+ 
+     ret = pipe2(pipe_stdin, O_CLOEXEC | O_NONBLOCK);
+     if (ret < 0) {
+-        ret = snprintf(errmsg, len, "Pipe stdin failed: %s", strerror(errno));
++        SYSERROR("Pipe stdin failed");
++        ret = snprintf(errmsg, len, "Pipe stdin failed");
+         if (ret < 0 || (size_t)ret >= len) {
+             ERROR("Sprintf failed");
+         }
+@@ -363,7 +364,8 @@ static int prepare_raw_exec(const char *plugin_path, int pipe_stdin[2], int pipe
+ 
+     ret = pipe2(pipe_stdout, O_CLOEXEC | O_NONBLOCK);
+     if (ret < 0) {
+-        ret = snprintf(errmsg, len, "Pipe stdout failed: %s", strerror(errno));
++        SYSERROR("Pipe stdout failed");
++        ret = snprintf(errmsg, len, "Pipe stdout failed");
+         if (ret < 0 || (size_t)ret >= len) {
+             ERROR("Sprintf failed");
+         }
+@@ -383,7 +385,7 @@ static int write_stdin_data_to_child(int pipe_stdin[2], const char *stdin_data,
+ 
+     len = strlen(stdin_data);
+     if (clibcni_util_write_nointr(pipe_stdin[1], stdin_data, len) != (ssize_t)len) {
+-        ret = snprintf(errmsg, errmsg_len, "Write stdin data failed: %s", strerror(errno));
++        ret = snprintf(errmsg, errmsg_len, "Write stdin data failed");
+         if (ret < 0 || (size_t)ret >= errmsg_len) {
+             ERROR("Sprintf failed");
+         }
+@@ -406,8 +408,7 @@ static int read_child_stdout_msg(const int pipe_stdout[2], char *errmsg, size_t
+         char buffer[CLIBCNI_BUFFER_SIZE] = { 0 };
+         ssize_t tmp_len = clibcni_util_read_nointr(pipe_stdout[0], buffer, CLIBCNI_BUFFER_SIZE - 1);
+         if (tmp_len < 0) {
+-            ret = snprintf(errmsg, errmsg_len, "%s; read stdout failed: %s", strlen(errmsg) > 0 ? errmsg : "",
+-                           strerror(errno));
++            ret = snprintf(errmsg, errmsg_len, "%s; read stdout failed", strlen(errmsg) > 0 ? errmsg : "");
+             if (ret < 0 || (size_t)ret >= errmsg_len) {
+                 ERROR("Sprintf failed");
+             }
+@@ -437,8 +438,7 @@ static int wait_pid_for_raw_exec_child(pid_t child_pid, const int pipe_stdout[2]
+     ret = read_child_stdout_msg(pipe_stdout, errmsg, errmsg_len, stdout_str);
+ 
+     if (wait_pid < 0) {
+-        ret = snprintf(errmsg, errmsg_len, "%s; waitpid failed: %s", strlen(errmsg) > 0 ? errmsg : "",
+-                       strerror(errno));
++        ret = snprintf(errmsg, errmsg_len, "%s; waitpid failed", strlen(errmsg) > 0 ? errmsg : "");
+         if (ret < 0 || (size_t)ret >= errmsg_len) {
+             ERROR("Sprintf failed");
+         }
+@@ -571,7 +571,8 @@ static int raw_exec(const char *plugin_path, const char *stdin_data, char * cons
+ 
+     child_pid = fork();
+     if (child_pid < 0) {
+-        ret = snprintf(errmsg, sizeof(errmsg), "Fork failed: %s", strerror(errno));
++        SYSERROR("Fork failed");
++        ret = snprintf(errmsg, sizeof(errmsg), "Fork failed");
+         if (ret < 0 || (size_t)ret >= sizeof(errmsg)) {
+             ERROR("Sprintf failed");
+         }
+diff --git a/src/invoke/tools.c b/src/invoke/tools.c
+index 7660be1..7c497f1 100644
+--- a/src/invoke/tools.c
++++ b/src/invoke/tools.c
+@@ -52,7 +52,7 @@ const char *get_invoke_err_msg(int errcode)
+     if (errcode <= INK_SUCCESS) {
+         return g_CNI_INVOKE_ERR_MSGS[errcode - (INK_ERR_MIN)];
+     }
+-    return strerror(errcode);
++    return NULL;
+ }
+ 
+ static int do_check_file(const char *plugin, const char *path, char **find_path, int *save_errno)
+diff --git a/src/types/types.c b/src/types/types.c
+index 24e3f1b..fad396b 100644
+--- a/src/types/types.c
++++ b/src/types/types.c
+@@ -665,7 +665,8 @@ static int do_parse_ipv6_from_str(const char *addr, struct in6_addr *ipv6, uint8
+     }
+     nret = inet_pton(AF_INET6, addr, ipv6);
+     if (nret < 0) {
+-        nret = asprintf(err, "ipv6 inet_pton %s", strerror(errno));
++        SYSERROR("ipv6 inet_pton for: %s", addr);
++        nret = asprintf(err, "invalid ipv6 addr %s.", addr);
+         if (nret < 0) {
+             ERROR("Sprintf failed");
+             *ret = 1;
+@@ -706,7 +707,8 @@ int parse_ip_from_str(const char *addr, uint8_t **ips, size_t *len, char **err)
+     }
+     nret = inet_pton(AF_INET, addr, &ipv4);
+     if (nret < 0) {
+-        nret = asprintf(err, "ipv4 inet_pton %s", strerror(errno));
++        SYSERROR("ipv4 inet_pton for: %s", addr);
++        nret = asprintf(err, "invalid ipv4 addr %s.", addr);
+         if (nret < 0) {
+             ERROR("Sprintf failed");
+             ret = 1;
+diff --git a/src/utils.c b/src/utils.c
+index 8efa330..d4a8ead 100644
+--- a/src/utils.c
++++ b/src/utils.c
+@@ -697,7 +697,7 @@ char *clibcni_util_read_text_file(const char *path)
+ 
+     readlen = fread(buf, 1, (size_t)len, filp);
+     if (((readlen < (size_t)len) && (!feof(filp))) || (readlen > (size_t)len)) {
+-        ERROR("Failed to read file %s, error: %s\n", path, strerror(errno));
++        SYSERROR("Failed to read file %s", path);
+         free(buf);
+         buf = NULL;
+         goto err_out;
+-- 
+2.33.0
+
diff --git a/clibcni.spec b/clibcni.spec
index 2592672b45f28b77566cf604c6bfa16b1a806472..b4a0e93b20a0d268c14e210b27e513355cf6668a 100644
--- a/clibcni.spec
+++ b/clibcni.spec
@@ -1,5 +1,5 @@
 %global _version 2.0.7
-%global _release 6
+%global _release 7
 Name:      clibcni
 Version:   %{_version}
 Release:   %{_release}
@@ -10,6 +10,9 @@ URL:       https://gitee.com/openeuler/clibcni
 Source0:   https://gitee.com/openeuler/clibcni/repository/archive/v%{version}.tar.gz
 BuildRoot: %{_tmppath}/%{name}-%{version}
 
+Patch0001:	0001-46-Check-empty-pointer-before-referenced.patch
+Patch0002:	0002-47-remove-unnecessary-strerror.patch
+
 %define lcrver_lower 2.0.9-0
 %define lcrver_upper 2.0.10-0
 
@@ -88,6 +91,12 @@ rm -rf %{buildroot}
 %{_libdir}/pkgconfig/%{name}.pc
 
 %changelog
+* Tue Sep 12 2023 jikai<jikai11@huawei.com> - 2.0.7-7
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:Fix potential log error and empty pointer reference
+
 * Fri May 12 2023 Wenlong Zhang <zhangwenlong@loongson.cn> - 2.0.7-6
 - Type: feature
 - ID: NA