diff --git a/src/Primitives/arduino.cpp b/src/Primitives/arduino.cpp
index a049d904..d6199658 100644
--- a/src/Primitives/arduino.cpp
+++ b/src/Primitives/arduino.cpp
@@ -613,9 +613,16 @@ def_prim(chip_ledc_attach_pin, twoToNoneU32) {
 
 def_prim(subscribe_interrupt, threeToNoneU32) {
     uint8_t pin = arg2.uint32;   // GPIOPin
-    uint8_t tidx = arg1.uint32;  // Table Idx pointing to Callback function
+    uint32_t tidx = arg1.uint32;  // Table Idx pointing to Callback function
     uint8_t mode = arg0.uint32;
 
+    uint8_t *maddr = m->memory.bytes + tidx;
+    if (maddr < m->memory.bytes) {
+        debug("subscribe_interrupt: memory access overflow\n", tidx);
+        return false;
+    }
+    memcpy(&tidx, maddr, 4);
+
     dbg_info("subscribe_interrupt(%i, %i, %i)\n", pin, tidx, mode);
 
     int index = resolve_isr(pin);
diff --git a/src/Primitives/emulated.cpp b/src/Primitives/emulated.cpp
index 9a95fd08..6504f792 100644
--- a/src/Primitives/emulated.cpp
+++ b/src/Primitives/emulated.cpp
@@ -440,9 +440,16 @@ def_prim(write_spi_bytes_16, twoToNoneU32) {
 
 def_prim(subscribe_interrupt, threeToNoneU32) {
     uint8_t pin = arg2.uint32;   // GPIOPin
-    uint8_t tidx = arg1.uint32;  // Table Idx pointing to Callback function
+    uint32_t tidx = arg1.uint32;  // Table Idx pointing to Callback function
     uint8_t mode = arg0.uint32;
 
+    uint8_t *maddr = m->memory.bytes + tidx;
+    if (maddr < m->memory.bytes) {
+        debug("subscribe_interrupt: memory access overflow\n", tidx);
+        return false;
+    }
+    memcpy(&tidx, maddr, 4);
+
     debug("EMU: subscribe_interrupt(%u, %u, %u) \n", pin, tidx, mode);
 
     if (tidx < 0 || m->table.size < tidx) {