diff --git a/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch b/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch
new file mode 100644
index 0000000000000000000000000000000000000000..1ebda4c97bea1344e24abfb81c59b6e83e8a81b9
--- /dev/null
+++ b/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch
@@ -0,0 +1,199 @@
+From bernhard.rosenkraenzer.ext@huawei.com Thu Sep 2 12:30:04 2021
+From: Bernhard Rosenkraenzer <bernhard.rosenkraenzer.ext@huawei.com>
+Date: Thu, 2 Sep 2021 12:30:04 +0100
+Subject: [PATCH] Fix -Wformat-string warnings
+
+Make sure we don't pass potentially dangerous strings to printf-like functions.
+This fixes building in OPTIMIZE_FOR=security mode (-Werror=format-string).
+
+Signed-off-by: Bernhard Rosenkraenzer <bernhard.rosenkraenzer.ext@huawei.com>
+Upstream-Status: Pending
+
+diff -up busybox-1.31.1/archival/libarchive/decompress_gunzip.c.omv~ busybox-1.31.1/archival/libarchive/decompress_gunzip.c
+--- busybox-1.31.1/archival/libarchive/decompress_gunzip.c.omv~ 2021-09-02 11:08:42.987268111 +0200
++++ busybox-1.31.1/archival/libarchive/decompress_gunzip.c 2021-09-02 11:08:48.491282095 +0200
+@@ -1022,7 +1022,7 @@ inflate_unzip_internal(STATE_PARAM trans
+ error_msg = "corrupted data";
+ if (setjmp(error_jmp)) {
+ /* Error from deep inside zip machinery */
+- bb_error_msg(error_msg);
++ bb_error_msg("%s", error_msg);
+ n = -1;
+ goto ret;
+ }
+diff -up busybox-1.31.1/libbb/fflush_stdout_and_exit.c.omv~ busybox-1.31.1/libbb/fflush_stdout_and_exit.c
+--- busybox-1.31.1/libbb/fflush_stdout_and_exit.c.omv~ 2021-09-02 11:10:03.489471808 +0200
++++ busybox-1.31.1/libbb/fflush_stdout_and_exit.c 2021-09-02 11:10:11.948493100 +0200
+@@ -15,7 +15,7 @@ void FAST_FUNC fflush_stdout_and_exit(in
+ {
+ xfunc_error_retval = retval;
+ if (fflush(stdout))
+- bb_perror_msg_and_die(bb_msg_standard_output);
++ bb_perror_msg_and_die("%s", bb_msg_standard_output);
+ /* In case we are in NOFORK applet. Do not exit() directly,
+ * but use xfunc_die() */
+ xfunc_die();
+diff -up busybox-1.31.1/libbb/xfuncs_printf.c.omv~ busybox-1.31.1/libbb/xfuncs_printf.c
+--- busybox-1.31.1/libbb/xfuncs_printf.c.omv~ 2021-09-02 11:13:01.210916054 +0200
++++ busybox-1.31.1/libbb/xfuncs_printf.c 2021-09-02 11:13:13.371946229 +0200
+@@ -27,7 +27,7 @@
+
+ void FAST_FUNC bb_die_memory_exhausted(void)
+ {
+- bb_error_msg_and_die(bb_msg_memory_exhausted);
++ bb_error_msg_and_die("%s", bb_msg_memory_exhausted);
+ }
+
+ #ifndef DMALLOC
+@@ -40,7 +40,7 @@ void* FAST_FUNC malloc_or_warn(size_t si
+ {
+ void *ptr = malloc(size);
+ if (ptr == NULL && size != 0)
+- bb_error_msg(bb_msg_memory_exhausted);
++ bb_error_msg("%s", bb_msg_memory_exhausted);
+ return ptr;
+ }
+
+diff -up busybox-1.31.1/networking/ping.c.omv~ busybox-1.31.1/networking/ping.c
+--- busybox-1.31.1/networking/ping.c.omv~ 2021-09-02 11:06:55.945994276 +0200
++++ busybox-1.31.1/networking/ping.c 2021-09-02 11:07:14.816042825 +0200
+@@ -184,8 +184,8 @@ create_icmp_socket(void)
+ sock = socket(AF_INET, SOCK_RAW, 1); /* 1 == ICMP */
+ if (sock < 0) {
+ if (errno == EPERM)
+- bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+- bb_perror_msg_and_die(bb_msg_can_not_create_raw_socket);
++ bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
++ bb_perror_msg_and_die("%s", bb_msg_can_not_create_raw_socket);
+ }
+
+ xmove_fd(sock, pingsock);
+diff -up busybox-1.31.1/networking/traceroute.c.omv~ busybox-1.31.1/networking/traceroute.c
+--- busybox-1.31.1/networking/traceroute.c.omv~ 2021-09-02 11:06:32.367933433 +0200
++++ busybox-1.31.1/networking/traceroute.c 2021-09-02 11:06:48.343974681 +0200
+@@ -875,7 +875,7 @@ common_traceroute_main(int op, char **ar
+ * probe (e.g., on a multi-homed host).
+ */
+ if (getuid() != 0)
+- bb_error_msg_and_die(bb_msg_you_must_be_root);
++ bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ }
+ if (op & OPT_WAITTIME)
+ waittime = xatou_range(waittime_str, 1, 24 * 60 * 60);
+diff -up busybox-1.31.1/shell/ash.c.omv~ busybox-1.31.1/shell/ash.c
+--- busybox-1.31.1/shell/ash.c.omv~ 2021-09-02 11:15:04.255220263 +0200
++++ busybox-1.31.1/shell/ash.c 2021-09-02 11:15:54.587344068 +0200
+@@ -4223,7 +4223,7 @@ sprint_status48(char *s, int status, int
+ }
+ st &= 0x7f;
+ //TODO: use bbox's get_signame? strsignal adds ~600 bytes to text+rodata
+- col = fmtstr(s, 32, strsignal(st));
++ col = fmtstr(s, 32, "%s", strsignal(st));
+ if (WCOREDUMP(status)) {
+ strcpy(s + col, " (core dumped)");
+ col += sizeof(" (core dumped)")-1;
+diff -up busybox-1.31.1/loginutils/addgroup.c.omv~ busybox-1.31.1/loginutils/addgroup.c
+--- busybox-1.31.1/loginutils/addgroup.c.omv~ 2021-09-02 17:52:53.644854060 +0200
++++ busybox-1.31.1/loginutils/addgroup.c 2021-09-02 17:53:07.412923202 +0200
+@@ -149,7 +149,7 @@ int addgroup_main(int argc UNUSED_PARAM,
+
+ /* need to be root */
+ if (geteuid()) {
+- bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
++ bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+ }
+ /* Syntax:
+ * addgroup group
+diff -up busybox-1.31.1/loginutils/adduser.c.omv~ busybox-1.31.1/loginutils/adduser.c
+--- busybox-1.31.1/loginutils/adduser.c.omv~ 2021-09-02 17:50:27.751128814 +0200
++++ busybox-1.31.1/loginutils/adduser.c 2021-09-02 17:50:34.763163329 +0200
+@@ -193,7 +193,7 @@ int adduser_main(int argc UNUSED_PARAM,
+
+ /* got root? */
+ if (geteuid()) {
+- bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
++ bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+ }
+
+ pw.pw_gecos = (char *)"Linux User,,,";
+diff -up busybox-1.31.1/loginutils/deluser.c.omv~ busybox-1.31.1/loginutils/deluser.c
+--- busybox-1.31.1/loginutils/deluser.c.omv~ 2021-09-02 17:44:26.398416096 +0200
++++ busybox-1.31.1/loginutils/deluser.c 2021-09-02 17:44:47.114509906 +0200
+@@ -76,7 +76,7 @@ int deluser_main(int argc, char **argv)
+ #endif
+
+ if (geteuid() != 0)
+- bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
++ bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+
+ name = argv[1];
+ member = NULL;
+diff -up busybox-1.31.1/networking/udhcp/arpping.c.omv~ busybox-1.31.1/networking/udhcp/arpping.c
+--- busybox-1.31.1/networking/udhcp/arpping.c.omv~ 2021-09-02 17:59:15.301802783 +0200
++++ busybox-1.31.1/networking/udhcp/arpping.c 2021-09-02 17:59:24.787851883 +0200
+@@ -53,7 +53,7 @@ int FAST_FUNC arpping(uint32_t test_nip,
+
+ s = socket(PF_PACKET, SOCK_PACKET, htons(ETH_P_ARP));
+ if (s == -1) {
+- bb_perror_msg(bb_msg_can_not_create_raw_socket);
++ bb_perror_msg("%s", bb_msg_can_not_create_raw_socket);
+ return -1;
+ }
+
+diff -up busybox-1.31.1/util-linux/mount.c.omv~ busybox-1.31.1/util-linux/mount.c
+--- busybox-1.31.1/util-linux/mount.c.omv~ 2021-09-02 17:54:39.676389182 +0200
++++ busybox-1.31.1/util-linux/mount.c 2021-09-02 17:55:53.673765879 +0200
+@@ -745,7 +745,7 @@ static int mount_it_now(struct mntent *m
+ // Abort entirely if permission denied.
+
+ if (rc && errno == EPERM)
+- bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
++ bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+
+ // If the mount was successful, and we're maintaining an old-style
+ // mtab file by hand, add the new entry to it now.
+@@ -2113,7 +2113,7 @@ static int singlemount(struct mntent *mp
+ );
+ if (loopfd < 0) {
+ if (errno == EPERM || errno == EACCES)
+- bb_error_msg(bb_msg_perm_denied_are_you_root);
++ bb_error_msg("%s", bb_msg_perm_denied_are_you_root);
+ else
+ bb_perror_msg("can't setup loop device");
+ return errno;
+@@ -2321,7 +2321,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ // argument when we get it.
+ if (argv[1]) {
+ if (nonroot)
+- bb_error_msg_and_die(bb_msg_you_must_be_root);
++ bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ mtpair->mnt_fsname = argv[0];
+ mtpair->mnt_dir = argv[1];
+ mtpair->mnt_type = fstype;
+@@ -2338,7 +2338,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+
+ cmdopt_flags = parse_mount_options(cmdopts, NULL);
+ if (nonroot && (cmdopt_flags & ~MS_SILENT)) // Non-root users cannot specify flags
+- bb_error_msg_and_die(bb_msg_you_must_be_root);
++ bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+
+ // If we have a shared subtree flag, don't worry about fstab or mtab.
+ if (ENABLE_FEATURE_MOUNT_FLAGS
+@@ -2403,7 +2403,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ // No, mount -a won't mount anything,
+ // even user mounts, for mere humans
+ if (nonroot)
+- bb_error_msg_and_die(bb_msg_you_must_be_root);
++ bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+
+ // Does type match? (NULL matches always)
+ if (!fstype_matches(mtcur->mnt_type, fstype))
+@@ -2483,7 +2483,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ // fstab must have "users" or "user"
+ l = parse_mount_options(mtcur->mnt_opts, NULL);
+ if (!(l & MOUNT_USERS))
+- bb_error_msg_and_die(bb_msg_you_must_be_root);
++ bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ }
+
+ //util-linux-2.12 does not do this check.
diff --git a/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch.license b/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch.license
new file mode 100644
index 0000000000000000000000000000000000000000..2a2d9f5dddd47bf1cb17911d43ee94adeb1092b7
--- /dev/null
+++ b/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch.license
@@ -0,0 +1,2 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+# SPDX-License-Identifier: Apache-2.0
diff --git a/meta-ohos-core/recipes-core/busybox/busybox_%.bbappend b/meta-ohos-core/recipes-core/busybox/busybox_%.bbappend
index 06fa0422105af77fe13eada88530cee01f86daad..c3b3e351e07e9fdb6e690388e96a43f157c2c9a6 100644
--- a/meta-ohos-core/recipes-core/busybox/busybox_%.bbappend
+++ b/meta-ohos-core/recipes-core/busybox/busybox_%.bbappend
@@ -3,4 +3,5 @@
# SPDX-License-Identifier: Apache-2.0
FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-SRC_URI += "file://allscenarios.cfg"
+SRC_URI += "file://busybox-1.31.1-Wformat-security.patch \
+ file://allscenarios.cfg"