From de52b9783864dceea3ca1c65334863ba63ab65b3 Mon Sep 17 00:00:00 2001
From: Henning Krause <henning.krause@netatwork.de>
Date: Tue, 22 Jan 2019 19:28:50 +0100
Subject: [PATCH] Added protection for compound files with cyclic fat
 structure. Addresses #30, #39 and #40

---
 sources/OpenMcdf/CompoundFile.cs              |  31 +++++++++++++-----
 sources/OpenMcdf/StreamView.cs                |   2 ++
 .../Test/OpenMcdf.Test/CompoundFileTest.cs    |  27 +++++++++++++++
 .../OpenMcdf.Test/SectorCollectionTest.cs     |   4 +--
 .../TestFiles/corrupted-sector-chain-2.doc    | Bin 0 -> 9728 bytes
 .../Test/TestFiles/corrupted-sector-chain.cfs | Bin 0 -> 9728 bytes
 .../Test/TestFiles/corrupted-sector-chain.doc | Bin 0 -> 9532 bytes
 7 files changed, 54 insertions(+), 10 deletions(-)
 create mode 100644 sources/Test/TestFiles/corrupted-sector-chain-2.doc
 create mode 100644 sources/Test/TestFiles/corrupted-sector-chain.cfs
 create mode 100644 sources/Test/TestFiles/corrupted-sector-chain.doc

diff --git a/sources/OpenMcdf/CompoundFile.cs b/sources/OpenMcdf/CompoundFile.cs
index dc12b113..ff559b49 100644
--- a/sources/OpenMcdf/CompoundFile.cs
+++ b/sources/OpenMcdf/CompoundFile.cs
@@ -1271,6 +1271,8 @@ List<Sector> result
             int nextSecID
                = Sector.ENDOFCHAIN;
 
+			HashSet<int> processedSectors = new HashSet<int>();
+
             if (header.DIFATSectorsNumber != 0)
             {
                 validationCount = (int)header.DIFATSectorsNumber;
@@ -1290,6 +1292,7 @@ int nextSecID
                 while (true && validationCount >= 0)
                 {
                     nextSecID = BitConverter.ToInt32(s.GetData(), GetSectorSize() - 4);
+                    EnsureUniqueSectorIndex(nextSecID, processedSectors);
 
                     // Strictly speaking, the following condition is not correct from
                     // a specification point of view:
@@ -1321,6 +1324,16 @@ int nextSecID
             return result;
         }
 
+        private static void EnsureUniqueSectorIndex(int nextSecID, HashSet<int> processedSectors)
+        {
+	        if (processedSectors.Contains(nextSecID))
+	        {
+		        throw new CFCorruptedFileException("The file is corrupted.");
+	        }
+
+	        processedSectors.Add(nextSecID);
+        }
+
         /// <summary>
         /// Get the FAT sector chain
         /// </summary>
@@ -1361,6 +1374,7 @@ int nextSecID
             //Is there any DIFAT sector containing other FAT entries ?
             if (difatSectors.Count > 0)
             {
+	            HashSet<int> processedSectors = new HashSet<int>();
                 StreamView difatStream
                     = new StreamView
                         (
@@ -1404,6 +1418,7 @@ StreamView difatStream
 
                     difatStream.Read(nextDIFATSectorBuffer, 0, 4);
                     nextSecID = BitConverter.ToInt32(nextDIFATSectorBuffer, 0);
+                    EnsureUniqueSectorIndex(nextSecID, processedSectors);
                     nFat++;
                 }
             }
@@ -1425,6 +1440,7 @@ List<Sector> result
             int nextSecID = secID;
 
             List<Sector> fatSectors = GetFatSectorChain();
+			HashSet<int> processedSectors = new HashSet<int>();
 
             StreamView fatStream
                 = new StreamView(fatSectors, GetSectorSize(), fatSectors.Count * GetSectorSize(), null, sourceStream);
@@ -1453,10 +1469,9 @@ StreamView fatStream
                 fatStream.Seek(nextSecID * 4, SeekOrigin.Begin);
                 int next = fatStream.ReadInt32();
 
-                if (next != nextSecID)
-                    nextSecID = next;
-                else
-                    throw new CFCorruptedFileException("Cyclic sector chain found. File is corrupted");
+                EnsureUniqueSectorIndex(next, processedSectors);
+                nextSecID = next;
+                
             }
 
 
@@ -1490,6 +1505,8 @@ StreamView miniFATView
 
                 nextSecID = secID;
 
+                HashSet<int> processedSectors = new HashSet<int>();
+
                 while (true)
                 {
                     if (nextSecID == Sector.ENDOFCHAIN)
@@ -1509,10 +1526,8 @@ StreamView miniFATView
                     miniFATView.Seek(nextSecID * 4, SeekOrigin.Begin);
                     int next = miniFATReader.ReadInt32();
 
-                    if (next != nextSecID)
-                        nextSecID = next;
-                    else
-                        throw new CFCorruptedFileException("Cyclic sector chain found. File is corrupted");
+                    nextSecID = next;
+					EnsureUniqueSectorIndex(nextSecID, processedSectors);
                 }
             }
             return result;
diff --git a/sources/OpenMcdf/StreamView.cs b/sources/OpenMcdf/StreamView.cs
index 4f0e61ee..782c18b6 100644
--- a/sources/OpenMcdf/StreamView.cs
+++ b/sources/OpenMcdf/StreamView.cs
@@ -176,6 +176,8 @@ public override int Read(byte[] buffer, int offset, int count)
 
                 if (nToRead != 0)
                 {
+					if (secIndex > sectorChain.Count) throw new CFCorruptedFileException("The file is probably corrupted.");
+
                     Buffer.BlockCopy(
                         sectorChain[secIndex].GetData(),
                         0,
diff --git a/sources/Test/OpenMcdf.Test/CompoundFileTest.cs b/sources/Test/OpenMcdf.Test/CompoundFileTest.cs
index ac262506..880d6296 100644
--- a/sources/Test/OpenMcdf.Test/CompoundFileTest.cs
+++ b/sources/Test/OpenMcdf.Test/CompoundFileTest.cs
@@ -1050,6 +1050,33 @@ public void Test_FIX_GH_38_B()
             }
         }
 
+        [TestMethod]
+        [ExpectedException(typeof(CFCorruptedFileException))]
+        public void Test_CorruptedSectorChain_Doc()
+        {
+	        var f = new CompoundFile("corrupted-sector-chain.doc");
+
+	        f.Close();
+        } 
+        
+        [TestMethod]
+        [ExpectedException(typeof(CFCorruptedFileException))]
+        public void Test_CorruptedSectorChain_Cfs()
+        {
+	        var f = new CompoundFile("corrupted-sector-chain.cfs");
+
+	        f.Close();
+        }
+
+        [TestMethod]
+        [ExpectedException(typeof(CFCorruptedFileException))]
+        public void Test_CorruptedSectorChain_Doc2()
+        {
+	        var f = new CompoundFile("corrupted-sector-chain-2.doc");
+
+	        f.Close();
+        }
+
         //[TestMethod]
         //public void Test_CORRUPTED_CYCLIC_DIFAT_VALIDATION_CHECK()
         //{
diff --git a/sources/Test/OpenMcdf.Test/SectorCollectionTest.cs b/sources/Test/OpenMcdf.Test/SectorCollectionTest.cs
index a64fcaca..835f9df3 100644
--- a/sources/Test/OpenMcdf.Test/SectorCollectionTest.cs
+++ b/sources/Test/OpenMcdf.Test/SectorCollectionTest.cs
@@ -121,7 +121,7 @@ public void ItemTest()
             }
             catch (Exception ex)
             {
-                Assert.IsTrue(ex is ArgumentOutOfRangeException);
+                Assert.IsTrue(ex is CFException);
             }
 
             try
@@ -130,7 +130,7 @@ public void ItemTest()
             }
             catch (Exception ex)
             {
-                Assert.IsTrue(ex is ArgumentOutOfRangeException);
+                Assert.IsTrue(ex is CFException);
             }
         }
 
diff --git a/sources/Test/TestFiles/corrupted-sector-chain-2.doc b/sources/Test/TestFiles/corrupted-sector-chain-2.doc
new file mode 100644
index 0000000000000000000000000000000000000000..59b4f53b25f703af0d3cba249dc5da82fe7ef81c
GIT binary patch
literal 9728
zcmeI1TWnNC7{}+7ZM#K;Qc6WcS)f9#SW6K_MQzKaP%Nz!MZ6%p-G#31?y0-m6nrAy
zA2i}6@x??`d?GPb<Foo=c+lvBJn)9Tneb4FF(HwzzyF*)b}6#mRwZC|Hor4-W@o<n
z=9|lz%MahrKmEa{i+?hc+`VR&8P7SUsvzDWT<gCRs35Gk@mwzFM-wc&tH=W9^SY`H
z12keKsLiV(2sJPpu7NplEzE^^pgi;Q{#8`vvZ@6Z*lApTSramwO$tA44$-2ey9Rnp
zfw;fsfnpL0=Zj+LO8u`~{)7cev00)0{rP()<6qwbjsH4W0QImC8sIuu1lPl2xB-^H
zjc^kzg%B)*<)HE#@o$EeunL+$@y+<R!fLn;THtnQg*DIyYvB%92Y13<upaJ)d*EK!
z0QbTD@Bp+!2Xw+l*aVwl3v|I&*aqFO9Ug=p*a5xJ2M@tc=!aeKFgyag;ZfKFkHO>c
z1Uw0Q;VIY$VNe|h@S_mRzfZL2e;aZreHIhEN~x;R7u}ez?9*&f`}M>J(r(7xpAGGH
z)6v^Dxz7wIW2vnDCiL_xZj(D;R|N{U@M8aOS#N&3`?F^~LB*bqw~Q#3r09Qj^t9Qm
zLLRqYBroY8%amVp6$YPg*$(Env`J#=1n=sPb<ujqF>4x~1;^;L$4;1zM$_Er(5E_^
zO>cL=JOmrN8%%O*O)vv}yziwKgo%4<s}o3V4Ft2`6?ci}1~b0&Z0=Xv>l)}=F|!{X
zhS5T^Z6Dz@9I($JbPdt(TssF#;62K197lck8vBoC=@_X)^wmL|TO+Qwy8?A9Odslb
zD%O*Fe5qrWJL<>P^x_z)qb82*1H@d*m|bvejEWyLRn&SBGAfZ#NtKr%rwTdMRCNjC
zsk2scG_Gps-7#~}>fVW-QTv^!W$f2QLs-)@<!hu2ncHiZIc-jeaDXurHyLuNnHTWB
zw>!wVTaMgLr=8epY7;g?q=?(vOTT)g9klw*LBBfmT4e4FI?5U*_+-#oX=}I>Un`bv
z)GTVX)7wI$TwY0AOo);q))G}0SWz=p1G<mVch)rK)koUjTa-WSYB%65e(Y$`@<?4k
zD<(f&MKIT{2yZ0eYm$^x1QUksGg?%2H5_piKb6~sVUkoXgJE~zkKpU0tqz?c^E%}C
zg%y+4PlF{*gq#`%Ygd+5dIudYPD#oWm&Tg!r*LZW2%4&U`^_3+f>cbLL7<7Uc%AMl
zQ9E^=ge^^ynS_<kH+T^(FQuU@njv3dt-Gp9vs4cn3{XQC2`;tNAm4+28h+AkUCDB!
z#euxd*9DF+xTbbJq@T#uN%wbxuQPxDK-U<w0!EKlbj`0Hd_}T6iF$hI889!{ie4D2
zH@Q_S%$N-8zuU<2W7-y|Yn^tMDKktO{j^ii{BeHDY}3}{aDm8NPK&-m7i1D2p|3~m
zbg!{~aZF+Qe<?i9j>GwDww(~Fj(Yl~_s^c|9jrb6X3*Ta>hn{o@do~wgRlPwLB<<`
zS@0q-!<+X&v-&7#Mn3`7a0WDWD>F+bGY4P$;zfCxe0J>qxD{V=f1wey)>WEa@oXZt
zB_2yey*TZo`-dY>#|E<bSTA1khel$NOg5G#X!C2oy*+klgauZn%iWyT8c}k!rtTk3
zCd1j#wiM}OnQT0DV0Fk%hf*$|T%}Q6cev?fIMEVyvq>8#-LzhAhr@@?zJa<njAvcD
zo=qPm-XHtcexqyCy+3D~e^j!I+?kIZrzcc{*~aR=^#1ia79To&9p{>jVK)&@t@mOt
z$X^p^Fm0+_-bt@wE|;5U+eL~fthVvPlk>f5BlhP-`u^lph3`sJUl=h(_&L(cx-aK_
zKlvBD?}LBp-a^Jq#4M!iM#wlqmt|3CjuO_ctnB`u7I=sDRX@DkuELzU+(nklD_fv!
zfh)=aVY}kFqEsp?b2%-LU*}!UBFkl6F&1$Aldp4Ej7nui{$mTUzwi&vjnitDjy~TK
z8vUkY+33;A<*?$&(aJ_>>*IFj$e`0YBz@NM*3@R^PTmGyYX7dCPsPdaPQKT2L+#t|
zvVUKF?vqW#RZfZ<B`yKlw`(sb`O2%iA8jok1l?8d1K;U?e{Zgp^DZ{dv2;Ac=GpF#
zwO{Xc2UDp-oo<HnK<%S-KG4Z_N_QeEN7RBZi{Mr1{>}Se*<|t^QlU|fe)#)$!<-|?
zmWOo_gL63l*J1V$H);{{v==#zXB{n|Hc<QP4y)9xen}4HCOEd5shdsdDpz$XwS4L8
zpERuDFg#4nXR5>8eEBL{u9SL6*ROS;g{$OXei-}fIze~;x=Yzli+DF?{_(w+_V1oe
zl+T1<&tgg~e+B6i>MXe3wyY@kV=l+%(j<lkx-TltEuKOBZ$Y$w?o@eE$<wpP`WciT
Xq5Ko2Rj;H}w&C-SQZnei*-!T;!C?|f

literal 0
HcmV?d00001

diff --git a/sources/Test/TestFiles/corrupted-sector-chain.cfs b/sources/Test/TestFiles/corrupted-sector-chain.cfs
new file mode 100644
index 0000000000000000000000000000000000000000..e2d299134bc861ff459726a448e48faf3ea92991
GIT binary patch
literal 9728
zcmeI1TWnNC7{}+7-FAxzrId<@vOopoQcDp;MJ?r0D3(@=A|l9cccF{Bd+P2s1)qrb
z2aR}1d@&IfpGZvA_^iGd9yI!(55B2yCO#BmOh}~b?>}b`EJe24sszl==67b!?94ac
zd~-Q-`R?19KfU+y+@H-Dcb}PJM)N^aRTS?KuJhjs=s(4c=JR<!nqb9UM;16=&{b_1
zpb>*m4K)ygT9^tqz%;lKro#+So|y&zI;wI-)glY*G%mlK37gF(jh`_`Y0>gsBR!@_
z+=Y3dl!W5>qExza|ErXL(E{bztl0kk{5_fRuWy0Ie?82C2AB<va1+ddn_({80`uTj
zxDDn*7#6@nQ29;xx5Hvs0!u;h%kY=O3Rnrva3{3DDrkk(a2KqBwQx7AgL~j!xDVFD
z{qO)h2yL(d+F>JXg3Yi6I$$eogHG5E4?!2~fNto4hhZo5!Y+6O9);cT80>+^VJ|!Z
z`(Qsj2?rnos$(C14C00Ni!J)!h8#+t!UV5Us%!N{H|7ibG+WeuU5UPon{^N7!n@r}
zY~?2Rslik{owMJBu3p7$a{KJ6K;dRy?ElT{%<uPn^0X(Y)YI{n5v7up{I8y#HkDP#
zUi(GzlJ>JqIg_t4_<YNDFu!F?3QH$>SAVRJH8_r0)#S`NNvAz|+H7bt%bFbeRQod1
z-5D?s!^X}=liFGv%0dtC`{@M{;-1{<1kzgrp&WR{UE#UjjLtusKVy4cBYi7w4x+;#
zT4=WIA)J9j_BnvAVfvkG=U@rESGkSjsPEoj|IsWRCv}*<+HZ4f#C3O8p>CDwK|N2!
z22zjCcg#XZ{kVo+94B?mB#?cGm>U_hvrdjs@gt_1TF*g75E((LJP$e5$f=>K^B7O<
zb&{iTRZH)Vn<G~DcJz$d??fGAzdjbmnw}|NA!XRyS+~Gxb;5)LjG2VVl1t4zi}(GV
zA;#T8<hDC)#MV%oh#4S7!q#5;H6ZPX)o&X5)uY!Ovo_=?YlPswkh9p<a3{W2EZeAA
z%xb5%*+#j%lD3#IB}J_zsxPskW~@eZAEEE8YAUFYw7<6~f7sP-z+3#-(W2#%x`0+p
zez=-ozD*I{NW#}7DW?b~4BKb4sOo4u?kIjdw+q9hs9YAq?!X_y*GF3&I!)#^$ngs+
zC99VPOPMG+H4IiSF0b?rbhrd1DNjNgYrY@HsmY^gs_yMKYnTaAF$o5NCd$%vy1Pv6
z)OC`!G)ZO>RzBb0CA7SfhO%gue8siys4mY^U1-op4P7L-)KY_d5Bh2NNw+m+%aIm`
z3N~L8IL_c2-*u7xVy<?&zY}_u`TIM%M!yv>e5$HrW<&o=lI2O%(?idIdCpe!(pbI8
zEm>qnWLW>*MphmZwm^N$gtLsBVa({KokHf%^W$cluqMZfMCS8a^cA}hllTyQJ!+?W
zjrGf8iqro~;Zb%R&V||bqEL0zpI&(P?78m#x>K)*%<?6l{-_$S=Z|Ul`oAA!yaAX3
z&jT~Oc?UGB4})g((@+Dyfu?R{X31ox;cH(!ry!Hhj@=)(;7jhWG=kQ;O0z4GOUAb(
z;>nm7r+swqVDxajFIR~5;w67zC?3t`;u(TAzxLbP<41>BU}Zbp%^9r`C0A?e-oaEV
zk_&H3lRlo!CDMmhgxyRy?efW08r5}&n@L5I%`rEZvT@Q)>*Y2$cJ%CPsB6P`*0t%m
z^n>KPBVXHZbX}(Vm+Z3dmFzP2+lP+R6|Ti>BlVwq|9TyZ51qb_)6K?+n~bE_d9jz|
zuMISsR#mRxq*p1I&(E;!B1IHd+xX$J`ChgW2MZ#7e{8Daccp14ju<EW4C!Uv7Yn|h
z{4?GUz&~|wAY(FOX47?}WE`T)vM4ks2y0hXasN*XyhZz}A6{)&Wq!QcMOMnISfFBo
zYsvx<yW+W~RH`U*H7!tB=UvSrD`j0X7I6HNuXERoN)<)^V+*jq@DI+7(_-ciKieE0
z{%XU5;S<4yu;}=SU=y_Va65Cn-)R|;KC5|K+G?hc-3DH1|E`@+)eqnN@J{nBb#K1S
z{(Z%{k2Vn(91}N8ToSZz*IrQal~;E^+FCvYx~o0_zSIBy-dro^U2L4=nM9V&v)vzS
zzuxKgr_)E<-7M#U+DGerpq=fM?nG3Mr~_XX!RylfoA<x6$=ExjVxydR|Br75IY*E!
zkLe-?=Wzb7!|VZW)S~9F7de4vJuRR%Q2Xl+tK6)9Ne<;EIkuXtn@Z^_S9L14eCg|-
zG_2w<JVMPUtHbm{`6^qkoO(#tFLj`W3vw_&i2Ze)pu2zFr5vP1yc;wB_})wVch9Ai
z&xBylV#+Ol5$TiaEV$jatQhxWF30E6B#s8UFDlQ?okacbK(v4E6uhkDiP>Y_B+8Fc
W{^|0nS5_+9@P$V?8Fb(5r~3=RX%a~Q

literal 0
HcmV?d00001

diff --git a/sources/Test/TestFiles/corrupted-sector-chain.doc b/sources/Test/TestFiles/corrupted-sector-chain.doc
new file mode 100644
index 0000000000000000000000000000000000000000..193a9cb7cec0c004e2bc3ef27d2d4c2b9f461ae0
GIT binary patch
literal 9532
zcmeI1Pi$OA9mnT6wzE#$bmKTCv?<v-CN*wqY=@Mz&B1X}J8_fP#DP#s+pN8tc#FNy
z?5^dQODu$d1Bg@w^-`%Rgi|GCKpc81CzJybm7oW11tHO*N_C@(DpKpm=R0rTdcE0Q
z@7j)PDg31Gn|Z&P`Tc$~^PB%~{bl<*ul@GEf0zP#!fY~&UW2L6<2%H|dH>ny6WNfY
z8luXz=y_h2Yls%7AVblxc#*2OG9@TroFI1Bho5F!Kz&q8+t&g0@@5bM4PXn{3L3#Z
zU>mp>sLb|kc-J@NXVL(%O0=Fat{HU4lgZgWH=Q=-3v}5g&^KtzE<z2_a@2xTSUp8E
zWi2S0RuMCQcBrU;GUeC1l0vIeQbuq^`m0d-9s;HA-4Z%)h+j%+tVE$g{rVTG9p{?m
zHO`yB4$usCf)?;OASe1fxDVV9c7q3i9BmJXfCoV<kp4EpFM@sGA<z!Q?;v~_><5p4
zPVi;W1-d~GH~_u^4uVI)SHU6h7<e3L`8f=p1pQzD90w-={%)QEC&5|pb?^;v4tx_l
z4Za1Q0pAACg6F{V;5>)|**W$LW7Otx5D@Gf`MlikiV>T?V7)9>$U*xiCS%Y0z^iZ2
z>T1j%?br0H4^Ab<Qf}J4kcpggQ?W;mx!;+dj3+aizu!5TiXC&u?1FtRk&1QlV-q_M
znU5a(-FJN{<-W`kzQ%Hy{IriT{<d6AxXKphnrH0N;U|x?gZR*^F@!8Sr<tcxW|C%}
z;9m~a6l-=I)7|FmxQ5qVyKauOnT|FGr|9c2LxZ*EYvAZ$i<vy$5K4n#{-2|pqwt<T
z?$joa*M>5{S6AYD*eve3>3wM3ro|kiTQ6Y4G*)DA-C^P>aM6CJur-2Xxh6@f=y8=c
zjw9#WYExWN;^dB)qvTd;4Vj_A8qBRR!<grr*i7!lJ&tL0<fxl*(>S?fCV}jWaPDEy
z?YOo;#V?t9YP|~?b;zir%Da(MkDSd^bvFZ|FDyA47!9~~++4D@_hDzu%)$*bc$;Do
zTGMaJpTLWlI?t=?aU#TP859YVwsopukgFL(rq{G0x6kP%hg?2trpS@7wU>R(NV{b1
zYs9`L?Am1>4LK?rCHid0*=K8bhEQ9J6Vxnbt>d?Mr%@?iQ@@FzY1Fnv{jyfnl+%Lk
z3;0eqGl%sAiWhHD60Don`nwc6WojQI7tq!wh}RSKdc_Ewx<<2{NQ_~B^J8~E11(n^
zo3O&?EDbYB<<d0lX~G$!g;(yJq~t-Q1ggpj8lk%;%_t=`2oCJ4O!pC-EP*DKNyuJJ
z*DH`Zd=xw7+(D;C%!uW@!4S|KnX6H&U!%yfI`vm*-BD|qw8_el8Bw{Qxyx8t%0jg$
z`xuj7>w)^pTIv)QjA4h11eaQBh(C>e8hi<49$Y4exudjwrzob8>Noqr+AEB%m1%jY
zKK$Pa{gm1JExcpg3YdSrW?*~s_>UyZm#D9gf=PWuOP7;PQ+^iIy=Fme>zA~wYCqn8
zsx7hB{1v$CT2<U$UUNWcYU(PTRx(8+Tsx#J(Gel@$)~~ZZDHjqv|oqj?AQNzp7vw;
z6k>Xw!H-8jN#WNT**T7#+Qqp8w8&!b<mS;O1=_B7-m5on4ULCie=%epe(3jqSB($j
znvI0=P_6uGv?-uE{s3smy#h2}&ja<-b+8${4|F6|VYW4<kx)m|U0IndDE5fjMJT!N
z(fHbiD$m(OW+L97h)=|Po{q93)1xoM$1+*2&zJnEnfPcr6Hi^HZYr-M?^E&F8TM7_
z0r$z2wtnJkyE`&HIT_7FP9(`6PiGRzi~A#PDw1^BASh3xd3V!kH#HfZ=#06UNz0RM
z+RFBVx!IdP!(1CDu+*z>`>!TmUHG$IeZ#4tf2KSBddnsjeBS@H<D7~#&}<7$Z~AGz
zV`bO9ZRTjyoroq6`P^lt8){ojk1CfX*;PQEcdzXVnW(tBBZwDdH9xkD3t1^zLzYNo
zl+wJ!S~2!L@_$UO9~QA|sj!?Wpg)lFe17ioqdX{9ZMba0+KH!*qH_ihWp`(;64&|Y
zZlyebT4fXH6t`Ns{phh;NrmNpPQT`SE$mM)@@h?Utp%CI_h+i5gpZb@6~=Uuy~Cs#
z>NBRf3iKDQbrlrZ_*trSbMJ$VU!@IX;cOmlAhXuVlmg$0+HFsDvU%yr7MLqh@PQKi
zbzpm!i(C?|gWMt_b{FBTnRVxunUze_{<tV*_j^Ut3YooyjHQ3XtVHcAWmrRc!NR%*
zN$XKmYx{c0;mol*Vw{)QF?W|2sB4Mf&V@rt{+){xT!R%oPm~w?|J04$0-QyH+j5R+
z;XU);?~Kg<>BxigSL<5A-YZw@+Ca}RZz@;DovtZW=Kz20J!V^1LETCn?b!&MnzwJf
z{YvNk;g??KXuto~Z;rvME8xw;n*f@!v?G>$mDP)lP6;Q0UXss)fRr8_+qK(1%b7Z!
zN~Aeg+oQ9N@+&=ON>>=vuqsN{ou^7?3GZ?>wwy7^f9W|P!h4n;98&f&zj6t=r(0$*
zwaKzqBZqtTJi7YJ|K6DH_?x3^m^r<^Kn_nBy2G9_L)_lJ;4`cEHqis>Pk+gxNAx2@
z7QKHLnN|Y@4(cYjz*;SBK@T<dR27Al$dP5iMBB~Pca#dR)`o3a{n9Net$&)v)f0g_
zR<9!$Xm0-vEVz;{UA7%98brF`D6eHn#$KWm>Hz4R)fMB#%jHU3mc+537?r8OQuZ$q
v4X%>v3WR2OSE#0{hbnHsoc>W_*K>a*BH5akNL|MEysf6CT-Pag{_fy^VyV9B

literal 0
HcmV?d00001