u-boot: v2026.04: helios64: bounds-check variant in show_otp_data

show_otp_data() directly indexed var_str[otp.variant] without validation.
If the OTP blob is corrupted (e.g. variant byte out of 0..BOARD_VARIANT_MAX-1
range), this read is out of bounds.

Mirror the check already used in get_variant(): fall back to var_str[0]
("Invalid variant") when otp.variant is out of range.

This is debug-only (wrapped in #ifdef DEBUG) and never reached in
production builds, but keeps behavior consistent with get_variant() and
avoids a latent OOB read if DEBUG is enabled.

Addresses a CodeRabbit review comment on PR armbian#9675.

Author: iav

patch/u-boot/v2026.04/board_helios64/board/sys_otp.c

@@ -114,7 +114,9 @@ static void show_otp_data(void)
 		return;
 
 	printf("Part Number: %s\n", otp.part_num);
-	printf("Variant: %s\n", var_str[otp.variant]);
+	printf("Variant: %s\n",
+		(otp.variant < BOARD_VARIANT_MAX) ? var_str[otp.variant]
+						  : var_str[BOARD_VARIANT_INVALID]);
 	printf("Revision: %x.%x\n", (otp.revision & 0xf0) >> 4, otp.revision & 0x0f);
 	printf("Serial Number: %012llx\n", otp_serial());
 	printf("Manufacturing Date: %02X-%02X-%04X (DD-MM-YYYY)\n", otp.mfg_day,