user
ed8669c0af
fix: Address P1 security audit findings
- VULN-010: Prevent CSI UDP buffer overflow with bounds-checked
serialization loops and clamped pos before sendto
- VULN-019: Validate probe frame sig_len before body access
- VULN-017: Add NVS write throttle to config_erase_key()
- VULN-009: Tighten HMAC replay window from ±30s to ±5s, add nonce
dedup cache (8 entries) to reject exact replays within window
- VULN-004/018: Add 50ms rate limit on command socket (20 cmd/s max)
- VULN-014: Stage baseline calibration in local buffer, gate with
atomic nsub write to prevent partial reads from CSI callback