diff --git a/get-started/csi_recv_router/main/app_main.c b/get-started/csi_recv_router/main/app_main.c
index 9c2779b..7bafce7 100644
--- a/get-started/csi_recv_router/main/app_main.c
+++ b/get-started/csi_recv_router/main/app_main.c
@@ -1012,7 +1012,8 @@ static void adaptive_task(void *arg)
             }
             /* Atomically gate: zero nsub first, copy, then set nsub */
             s_baseline_nsub = 0;
-            memcpy(s_baseline_amps, staged, nsub * sizeof(float));
+            if (nsub > 0)
+                memcpy(s_baseline_amps, staged, nsub * sizeof(float));
             s_baseline_nsub = nsub;
             config_save_blob("bl_amps", s_baseline_amps, nsub * sizeof(float));
             config_save_i8("bl_nsub", (int8_t)nsub);
@@ -2583,17 +2584,17 @@ static void serial_task(void *arg)
             else
                 printf("OK AUTH off\n");
         } else if (strncasecmp(line, "AUTH ", 5) == 0) {
-            const char *arg = line + 5;
-            if (strcasecmp(arg, "OFF") == 0) {
+            const char *val = line + 5;
+            if (strcasecmp(val, "OFF") == 0) {
                 s_auth_secret[0] = '\0';
                 config_erase_key("auth_secret");
                 printf("OK AUTH off (cleared)\n");
             } else {
-                size_t alen = strlen(arg);
+                size_t alen = strlen(val);
                 if (alen < 8 || alen > 64) {
                     printf("ERR secret length 8-64 chars\n");
                 } else {
-                    strncpy(s_auth_secret, arg, sizeof(s_auth_secret) - 1);
+                    strncpy(s_auth_secret, val, sizeof(s_auth_secret) - 1);
                     s_auth_secret[sizeof(s_auth_secret) - 1] = '\0';
                     config_save_str("auth_secret", s_auth_secret);
                     printf("OK AUTH on secret=%s\n", s_auth_secret);