From b7f19959487a3ba877b210ce9d961d7a7a2ae4d4 Mon Sep 17 00:00:00 2001
From: Georgii Surkov <georgii.surkov@outlook.com>
Date: Mon, 15 Jul 2024 17:04:37 +0100
Subject: [PATCH] Check for rogue minus sign when parsing unsigned numbers

---
 lib/flipper_format/flipper_format_stream.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/flipper_format/flipper_format_stream.c b/lib/flipper_format/flipper_format_stream.c
index 83e77a4e2..b9d33169c 100644
--- a/lib/flipper_format/flipper_format_stream.c
+++ b/lib/flipper_format/flipper_format_stream.c
@@ -400,7 +400,11 @@ bool flipper_format_stream_read_value_line(
                     }; break;
                     case FlipperStreamValueUint32: {
                         uint32_t* data = _data;
-                        scan_values = sscanf(furi_string_get_cstr(value), "%" PRIu32, &data[i]);
+                        // Minus sign is allowed in scanf() for unsigned numbers, resulting in unintentionally huge values with no error reported
+                        if(!furi_string_start_with(value, "-")) {
+                            scan_values =
+                                sscanf(furi_string_get_cstr(value), "%" PRIu32, &data[i]);
+                        }
                     }; break;
                     case FlipperStreamValueHexUint64: {
                         uint64_t* data = _data;