From c448459d5635e8ce7b7c0017df8d3bdc8e20c62e Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 27 Feb 2019 14:45:29 +0100
Subject: [PATCH] networkd: refuse more than 128 NTP servers

This test case is a bit silly, but it shows that our code is unprepared to
handle so many network servers, with quadratic complexity in various places.
I don't think there are any valid reasons to have hundres of NTP servers
configured, so let's just emit a warning and cut the list short.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13354
---
 src/network/networkd-network.c               |  14 +++++++++++---
 test/fuzz/fuzz-network-parser/oss-fuzz-13354 | Bin 0 -> 918848 bytes
 2 files changed, 11 insertions(+), 3 deletions(-)
 create mode 100644 test/fuzz/fuzz-network-parser/oss-fuzz-13354

diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 2d42f0d742e..98cc8a263a8 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -23,6 +23,9 @@
 #include "strv.h"
 #include "util.h"
 
+/* Let's assume that anything above this number is a user misconfiguration. */
+#define MAX_NTP_SERVERS 128
+
 static void network_config_hash_func(const NetworkConfigSection *c, struct siphash *state) {
         siphash24_compress(c->filename, strlen(c->filename), state);
         siphash24_compress(&c->line, sizeof(c->line), state);
@@ -1462,11 +1465,16 @@ int config_parse_ntp(
                         continue;
                 }
 
-                r = strv_push(l, w);
+                if (strv_length(*l) > MAX_NTP_SERVERS) {
+                        log_syntax(unit, LOG_WARNING, filename, line, 0,
+                                   "More than %u NTP servers specified, ignoring \"%s\" and any subsequent entries.",
+                                   MAX_NTP_SERVERS, w);
+                        break;
+                }
+
+                r = strv_consume(l, TAKE_PTR(w));
                 if (r < 0)
                         return log_oom();
-
-                w = NULL;
         }
 
         return 0;
diff --git a/test/fuzz/fuzz-network-parser/oss-fuzz-13354 b/test/fuzz/fuzz-network-parser/oss-fuzz-13354
new file mode 100644
index 0000000000000000000000000000000000000000..2274fa5bd978b27ae12c2be04794f0d52155aa1b
GIT binary patch
literal 918848
zc-rmVUvC@Ny)IxPIJ&StfN%F)cyHhop!b@YH8Y$GLPz`b6e!>bmg71wI0jCtur(oz
z?4cC<^xN-YqNYhISz;7Y!{HMMZ1ZPCa;@imXJnE;CCTcq<@7JJ{~y!op#AI9VtM}V
z@c7$r|1`b49OuoT8T|X|=0E?(puK(h<u{lA@4IR8e2@&2$<_OJhli7s>D3PhjsEZW
z`hO08zqt5jHoqJ{PoDqu|G!@>FK0;{|E@jwVD%loOxoKYzP@hn<*Tp$&;LG|{`H%y
z*~i~a-(JnqBz=DIhhcIwT<5?0dX{|uH|_uZ{%?j~&sKLf9sg}Q{_gVXcz(8e9OK^=
zv*Z_#<A472`+sxe_y6(e>|c)l<)dr=_A`&}rsIBmTFZ~GxA@#fA&!cC6pJD+idfZI
zNV5=PmR6w}rCC<TI;0Q3pX^`PFpX6l<z*bLv6w}b#Wbz6B28m#A9gh=M`<-$Yl;8-
z8!U1A0RHi)|JNN){{DEb|9XJSVVZ|_<6_Kv0yHG)W9Rp`Aoue{8>TU|@bfl&F_u+~
zp~|aJ7e!j8<wKV9UKB5n&fXsnljV56*d)cGDvP?#V^LSJUBdQhhAd0-I+UTkS*t*^
zYU@I?d-CeZNuYljd*GsVsnmOPvC(&DgD*%U?IvkaqjBcU$r)#yamE>EoN>k(XPj}y
z+2c9`K+!0gzBrpD2VeiD&Q3YwOrLSqeqF4N{xF-LbH<rI<BT)TIOB{n&N}3*lRroc
z&>jYe6jGehIpd5o&N$<YGtO>wCL}^4Bx^ad>e4OUU2yh{GtTrGXPj~NljoLg$JyYY
z)3{DvzZ}16n&fHHG;iBm1XZ1?<7{W0NtR?u7H6DscGsdcO&DBX06$q>0CUIPqxG9H
zv&PICGi%JOF|#gUT}W`o8E1yfa;DGr-I*QJ3_J0<GH1>}oN?AgXBc6mu70gEKKayx
zoNde5hPKCs2)^KR#@XXITY?6fLgTD&WA8cROrLSa8E2ev#u;avamE>EoS7*pBtl}Q
zq*a%0={8f6GkwMxXPlWSiJ+=eb)1<gDOr-m8E2fCDajpo`i(Qrw(e}g*{#cS&>lU>
z6oNu<;^B-l&N$<&U(NtfG>XP2eQ$Ag${A<+jI;LZVs-R~+5DU{&h!~)oN>k(XPj}?
zA!kNr36KDB#u;avamE>EoN>k(XPoV&GoXM{T%2)cFo?k*2&y{HI5QYTvLuT$&UVk)
zy&vi@jbW6Rd6JG|EUOqpl~<uIinL72jqm&A(b@asVX_?07n|JoqAH8J&SOzmu?<N3
zG((o9c^%5o-mIk}tG4bUyQd2cszEg<XV*s$z95aXo1{gJ#+frGXPj}y8E2ev#u;av
zamE>EW{v@%XgD)-j5B@4nVDmp=`(%C8E2ev#u;avnK>pvI~O2QNO4N%j5E$S<BT)T
zIJ?oAkO+y8tmVwAOSg1)!Pzs;IMZjGamJZBhX|@V&NwsYP_iV8GtM~MhO?##gX;_6
zC#wr!?znrjetX~;$|CKexnY`zv<fliJ;4|Hh|ic=V`de+3s@HtoN;EzEN7hQv(7lP
zW13+nURUPK8Hh8^y66lejMUYyb;c*3dXTeiIor_o*bu=Ne9k!Aq_h9L)!7m>&=eYH
zeH(kv8E5*8GtM~Uj5E$S<BT)TIOEJr$^8w9r7>8@U?BvZ!Z<TnNU|hLvN+?+U?J|f
z({G${);(tv&Td_vgZAi2rVtc@6Ax#camE>E{c;9?qER$H?s1E=Q_eWkXPmWP7ptQ`
z%;x8uai-6@?#y241fAeonlpXInQLjz^ciQIamE>EoN>n4oy*g+8Dw%LSNfYXqZT>S
zXPj}y8E2ev#u;avamE>EoEfz!Btr67&aAq0OLrHXJ>!fsea0DQoSCwXpsM4HGgG!D
zOR_lQj5AZVxzlf)amJY`+oo(Q1cksEXPj}y8E2+!1E6Sp(${1_&h!~)CIfP&&p6|Z
zGtM~Uj5Ct~1xSDtHD{c0#u;avamE>EoN>n4jyMAfD8<DYX9j~941%Dl<BT(dK_pAE
zIOA;hoZb7O4$~M$d6_5aD8{miF;saK>Y_-?wA}c<Uml&kKOQE_@qDq#eJ`rAsOvly
zbrsuyv`;f+S(?|O4DHQYDza+pF0y;N(4ZPrgK~C#^xzB9NV`c|)M%VJb8^NRXPj}y
z8E2ev#u;avac1Ti0E&h)Gsig7XPlWi#+g3TXPj}y8E2ev#+jL80<?1hB83#Ebj~>A
zj5E$S<BYQ#oe7DM2+3N`th#hdcNd&J<BT(X#u;avnRAGss^g3^a}Fg-vN+?6vu!wQ
znlQM&0DiK%0N!PHd%54T=^Wr3;Nzd1=`+rJ{F5_%#u;avamE>EoN?ykp919LpQNZ-
zjl>yeoN>k(XPo)?r;rGVkAGTq>6UIE|Kv=camE>EKK_ZIs#A5G`S_<~NtR@B#+i?Q
za>w0<`t4!M*FKaknj5BhNUIQI-V=PGkNAdZ45PfvlXMhgS;ZKtyb5(uq-9!ey#6ka
z&fXsnljV56*d)cGDvP?#V^LSJUBdQhhAd0-I+UTkS*skgYU@I?d-787E?`|qaK;&D
zpK%sB<4m9JhBG^+8Fu1zWzL*|IOD8~&M?AAUHw{TeDbLWIop=A4Q-DN5q!btjI+ma
zwge3{g~nOm#@=(rnLgu;GtM~Uj5E$S<BT)TI5SgHNQA^pNvkg1(ru<BXZnmY&Nwqu
z5<yj`>Nqn~QnDnAGtM|OQ<6LG^c!cKZQa>~vs;(vpgnq$DFlV!#KRe9oN>lkznlS}
zXcUc4`rhK~lrzrs8E5U+#p>t}v-vq^oar;pIOB{n&N$<&L(YuM5+DKMj5E$S<BT)T
zIOB{n&N$mkXFvg^xH#j?U=V{r5L9)Xab_@xWJwlhob8^odq31+8p9|r^CTU`SXMEH
zDz8Fa6ls~38{hZKqqFzN!(=(0FE+XFMO7AcoyVfCVjGb5X@)FI^E#BFy;(~|R&Cuy
zc25@?RD)_z&aRIhd_fv%H%W^cjWcIX&N$<YGtM~Uj5E$S<BT)T%p3zi(Qszw7-#y7
zGc(6H(`WjOGtM~Uj5E$SGjmLUb}m4qkm8ii8E2ev#u;avadx9KArTTGS<9JKmu~6q
zg0p9wai-5W<BT(N4iQv!oN;E(p=3!GXPj}i4QEXg2G<wBPgWPe+;R74{r12ylttP_
zbHg+bX%%A3dx9_Y5uY)$#>^^s7qBiQIOEKaS<X1qXPt3o$27xEyspfdGZ1H-b<r6{
z7^$mY>x@r6^&n^4a<-xEu_1yl_?&U}IL?-!fu_(n>)Y6S&N$O&oN>k(XPj}y8E2ev
z#u;a3O73q+ERDfJ1`8qR6vmmsLXss}lEoQk1`Bb=oqpqtv+g;YaCYnR9JEJIGKHWJ
zoOn3nj5E$S>z6YC6pf<sagSS^opQ#RKI5$Yx>z0kVKzVKj5B@48E2ev#u;avb;y~y
z2?8WQoN>k(XPj}y8E2ev#u;aO=?o~K6c=Zl84O}D2!g7PGtLYKku1sLj5E#*2H{S>
zamE>E27?$3q7W1UXPj}y8D|EA0HA0Tjlm!WgK(zLI5QZ8GkwMxXPj}y8E2ds3?e`R
zq^LRLj5E$S<BT)TIOB{n&N$<YvlBk~)PtOD%UL(K=Y{RrsTvs0kB<^Ha2Jw~oH^a-
zGtM~UjI%yFJNh!2w13+LXKyy^Ol7DHmBATjoN?BZNyVJ$GtM~cqBD#zQdiz!z^5MM
zY){`{U_%67@Hyk`ahxqd15KfE*0<S(oN=blR^M&))DzA)(`TG<#u;avamE>EoORrp
zkO+y8tmVwAOSg1)!Pzs;IMZjGamLy9Kl?M7oJ_AiEtco+4o_ac9KULs<Z040Z`)f0
zRh_EiY-gQGmSjm5XPj|%*P=B|7+hZfKUrM>bI0AI_1nXiuYD+8G&fB1kX9kayeIfV
zAMp*-7)E)SC+R50vWhWOc@^rSNXxX`c>P@-oxMLECd=`Bu}O+WRTg!f$D*!cyM*o2
z3|W@ubtpr7vsO7~)z*b(_vEGEUBJ4K;EXfQKI1HM#+g3b4QF;tGngsKnKKY)oS7+!
zk-9Qdl21N4GgHz`Nx>I<&Nwqu5;V{h8fRuoa;DEX<BT)TIQw<Z`mmhd1MWTGioyxW
z32ASg4Za|aH17iE%$buj&N$<YGtM~Uj5E$S<BYQoIs-t_C>rm%y2aTkXPoIX&f2ew
z)zKej^K;HP(`TG<#u;avamHDPocZvQ0Cgikq>$p2&KYN%amE>EoN;!eGa(TYAz90r
zRhMq*?t-&toN=blIOB}7?f*)c!Q^Cm^=Yv@e|LEOo0gN+Z(4ra-Xf^#R2^qK>rApF
zOR_lQjI+BIt!cvG`U3dL>H?TM?jEh*9yo@wNV{lmnC2m^LX3G&@P$6&GiKJ9Sq1L`
z)`bLToEb998E5*eGtTUoX4r|>l{s?;;*7H{I>QJfb@gkV@yVwi<ZN5cHncr9MDPWl
zGtM5z*%CC+6dGrJ8+*?gXZnmY&N$<YGtM~Uj5E$S<IGIS{SAqwF<8i8Aq1VmI5SvC
zvLs8gIOEJ<A?~=-Z=7+~J!ccnZe5;(_UK8b5EOzF4`-Zl#u;b*at45+Q8Yg8af`E4
z&N$O&oV8yUtD`^6=I5Morq4Lzj5E$S<BYQoIWspwfCPv$&N$<YGtM~Uj5E$S<7_XT
z0R@!e;*2wcK@0{#P}On9nZY2EC0U$t#+kt&-03&YIOEJ<5Q9M!f<oYoGtM~U%wP}z
z6pf-W7{p)@&h!~)27_>>&p6|ZGtM~Uj5C8l1W14sHD{c0#u;avamE>EoN>k(XPj|%
z!Y7}4kh5($>*n^nusu6f1H<|8QKAO!Lh_L_ryG678E2ev#@SY!z1gfYTd6Ws24|dc
z##v7$6?3M~IOD8~&M?AAU3r56pL&q9J$-|L4H107=Zv$*akc~vG=;`l-)0wb#+g1_
zeYe$9PdMXDpK-<+XPj}y8E2ev)^TS-A|yhxmNTm^-O}9!XU{m}OrLSa8E4!7?9X6w
zGQIk=Sf0N-JbC?c{Hke^r%BViZEq1&b*hfDopmNzk|kN3amLwQi`Fz@aD4&%WOV_|
z9e0n`Zx36(_Mvpq+%U~UT7?+%p5P08#5YW180BT2q@x(iD#lRdRj7+1Ez@%2^>=x6
z_WpR7EXVW3CMgzGS=4nNi@J*K61Gn>WLcWmp$zTKTIHBkTNj$$lb3>b0qa77GtM~s
zjI+oYXZmb6oY^tWV5THz&On@TW~L-Y>dH(>KKbO#Oi42(1z+$v<IGG+&_GjYoS7-f
znLgu;GtM~Uj5E$S<BT)TIOEJrNg)vuGbN>4y3Lg2j5B@4S%;k^aw9i#!&%3jnRtbw
z%2Roqakdd>6V7g3o`d%2Nv04Kf)fvCoN>k(XZ>;pfTB?}K8JLRvs2DE(`THuUl*&R
zKg{OmoN=blIOB{n&N$<Yvko~k&_jR(h%?SO<BT)TIOB{n&N$<YGtM~kD^B>-gPi#l
zCmY_L7q(}oYG61&K1$R8XHGYqamE>EoN?9-XKyy^%vP!lmBATjoN=~kXBlUl=`+su
z*BM3_sVi?V;8PEBwx@3}upxpk_?&U}IL?-!fu_(n>)Y%?&N$O&tM9gY>Ir9@=`+qA
z<O~2sqi8tej59+8{e&w(0>l|-oN>k(XPj}y8E2ev)^}$>0j0P&<IHDxH|uOLIhkI4
zS}f1s9iF^?IeyhN$<w51-nO?0sybE2+0HtXEXk5A&N$=ju0?B_Fu1+|ezLj%=8il4
z#u;Zj;%vg%t;=)J9zDqvf<kcO;fyoRIOD8e&Hzv}ipIo_Tb!M8#+g3jto^!J9sOZ8
zKj(}yea0DQoN>k(XPg-fB0vJ9s5#?|GtM~Uj5E$S<BT)TIOEJO1Lc!XJ;>P({W8!8
zZqEzbvr{!NoF5-0YTzy;A31Zn(Px}-#u;avZN=G}%{sG{Dnn&(#u;av^<+{pXZnmY
z&bsIfBaGCQHyH4#2RYl*HyGFu!54haIC~stOVB`5Xq@$Jb|Gh+>9f^$TRruJGtTrG
zXPj}y8E2ev#u;ZFcP1o4A|z`$v+B|<-Cc0@j5E&k8E2evw*Alk3??Vjt51vN`MblD
z*DuGfnkIRgG|k)g7C}{~>Nwk3XObmZlEoQkoZYo(O%n#!7r;+e7r@+c_h|k0u;ptX
zN*B!y(>$bAh%xU8zR*W}!!(9bUgk+Uim|L>3{_r*x+u~zEjM0&mq%yskB7-}JYQ^*
zVo{YvUFWf=tJp4K`!qwArFk97(B7<7j#;&Jq1iooDR>vKE+jbPjI+-;i=1($&vwI^
z9n%bEN^<55#2II1N@Aq0%#`GlPtMGgG*eRW1)np{%#;KTG=;{QnUb98GtM~Uj5E$S
z<BT)TIOB{n&dih)5+N~DQo5zvOi9i-(`TG@*jXYsaw9jKb=;YWS177HmB$%p8*w(_
z?AGNuXpf#`3PB+_@o>f&XPj}?FJ}NK8b#xCNVhmU<%~0Z###Gyu{!$0Y<|ueXZnmY
z&N$<YGtM~ckTU~41W155<BT)TIOB{n&N$<YGtM~Uj5ELDgik%lnO||T;q7^0dv>Y@
zhV$d2L=AA}bi)~EoN>k(XWel2X0y(0rOHqloN>k(XPb7GamJZG<7|JOVT6&o@&*Gw
z^&n?^`UV3VBKU&O8E22<YzZ1@3XQYA%`W7OGkv!DZmXxBaK@QF<BT)TIOB{n&N$<&
z<IaRcNQ7i9XI5RhrMnBxo^i&RKI4ot&bI&ApTXp0di80sJb!n1^7`fYRnsI-lcssw
z-Xf^#R2^qK>rApFOR_lQjI+BIt!cvG`U3dL>H?TM?jEh*9=3e#L+PTqVVZ}u3NhwA
z!58|7Z<xj~%F8@SM=_RFjG@Y_P!~m7rsc-#@AByE{qZnaj^~R_QY@;nsOvlybrsts
zY@cSxvNW$l8QPn*$}y|9E;PF*F9q)c)`bLToN@LUXOT0`^x1AWvtydUOi9k1fjHyL
zOi7H?m6?)!^2wQ*l4eQ@zTk7lnVFKHfu_(nGgFc?ea0DQoN>k(XPj}y8E2ev#+jLt
zLLww)N=mnMn<>c|XZnn@4m(TaMsDPWGtTzN*``!Ye!B(Au<8t}VWPe`bDG?HXK#}M
zYFnfB{D)cc&%ats$A@3O{?mW`{c3tSK0N(yc6NSzc0NA*YVqCjZ1wM^SIgPi`0$_8
z=l}TfW4@S=4?lhL_wnH$=d-Kv;mhUpFVp36`t3iC`s!@)x9Pt=gj=3TyAIRW-#?7@
zA^iU2Xa9Kl)18Xb!M|NjKTYRXcm0RIT)odP<qaFrG>c{WeD;U-N&WTm+ZW$|*I&*<
z{NY>O@r`bR_~Sopn&#E&p4xAI_5E=_dlq|sf17_a{a7&dw(Dn7ZQ}mi-(B~2&;QQa
z|9F4@(S_%??bY)mfS)$~sm6K>IpOTq<vD1No@8Fk)MxsPGtRu2>BUT}yqL+E(<EnJ
z%=BWW7c>3wwHGtJnCVRF#Z33-{=As!#Y{>0P4Dl|d$^wd=wp{J*w)Z;!yVlX$d4s{
zEb(KBA4}Yy`}1RoA4?>~k0pLA+2)TW)?imJTD^aP6z^Z)j5E$S<BT)TI5S>dNQA_A
zb?KIF<JCFiOrLSaS^u16+i^Dd=jV)0UcVf_YMSI}(ll?|TLe{|s^e^Dok^BtNfu|E
zady|DHBA^?UjRQ@T>x{(-J|u}!<MgoC|xu+O!JUdA;!EX_(C7?4bvD#d6_5aD8{mi
zF;saK>Y_-?wA^_8T^^miKOQE_@qDpKibYixb)Cneu421{?b8fdmgaRRLwmDUIcC+?
zg=Y8UrQlt_x{%<EGtNHaEON$~KHCjvc1$zu#OunOIRkOVSr?sQgps=Xwa)nDQx9^s
zEoU3r9vdR~g3lRekK=3!8fXfQvqyF|OAfx~j5B@48E2ev#u;avamE>EoN;ERq>u=S
zkeDec-O_EQBxjuIGtM~k*&j0{5ma@YnJFn*k|kN3amJaMlHBPx&N$m`XA{nDU7myX
z=t-s!6oL~EXPj}y8E5@+27sbbG(PEji?dVCIMZjGwO<#jqd&~%=bUk-&p6|ZGtM~U
zjI$0oGcrqn1c)=vIOB{n&N$<YGtM~UY%iSw1(f3Aj5C8l3<g0^)p5p|!61?)S)6gU
zd(Q6tP={#@qrA+MbQEJ*#Tcr*3UyJWWm;~0-!G5O-X9N><#@i><h~bGS=4nNi@J(!
zK-#AnvMkN(P=@wqEfra{br;z^U1(4ZszEusK6>y4X{6mGEowB*oH;q;j5E$S<BT)T
zIOB{n&Nwr33;;#LnVDmp=`+sE9OF!%=`+qa<BT)TIOELBF#+1S0Fgq9Q#xmyamE>E
zoN>n4jn0HbNQ7i9XI5RhrMnBxo^i&RKI4ot&dfPPP}On9nK_4&C0U$t#@RNUHBA^?
zUjRQ@T>x{(-J|u}1IJJnX&226(>$bAh%xU8zR*W}#>^TstKeP0x{%<EGec%M<4m7*
z#+e<{3_J0<GH1>}oN?AgXBc6mu70gEKKayxoNde5hPKCs2)^KR#@XXITY?6fLgTD&
zWA8cROrLSa8E2ev#u;avamE>EoS7-Pzag<S1`8Q1grHLxX9f#NmSjm5XPg-<#2t6~
zjWf===WN2+t;=)J9zDqvf<kcO;fyoRIOD8e&Hzv}ipIx1ZgF<X8E5*8v-ay^b@YeX
z{G2n+^ciQIamE>EoN?A6XXYjdkN|PU8E2ev#u;avamE>Eob9DEpny_boN;C_h`}HT
zsyfa%GZ;j&B#Sf7I5QZ8JN?EPXPg-fVlaq8PzaoH#u;av84Ln|qER#kgBT3LnLgvp
zU=Ysq8E2ev#u;avab_@x011$y=8QAWIOB{n&N$<YGtM~Uj5E$o_~cU$a<(mJ-Q1oR
zwr8hmU^qWMO4PtzNIr7rbfeEW<BT)TINOS|H=A{4D^-Td;EXfQIP1xzV$Sp#XPkA>
z8AceXD{nC1Qx9^sr*AN@A%ZXXoN@Lz&X%BorqDR++w4NlIMZjV@3wmC31^(?GtM~U
zj5E$S<BT)TI_^wJghWWza%R<~Te`d8>=|dA=`+qa<81q%{TWP7rdOX9%ky`KC$C?Q
zUo}ngG-;Z*?Ja_;PStU?v(6+-vLuT$&N#bk(V8X<t}lR}tS*4L<L=S=?P1H;K9nw+
z8>V?ks}N(}6MUhM_=af=qrA+MbQEJ*#Tcr*3UyJWWm;~${w|Ns-X9N><#@i>B*mgC
zi@MHZQCG2D!uDx~EKBn`l%c&@s~odx>q4`8@>1|FU|mRX#u;ayaTYn_OrPzBGdrdk
z%#`HJ8Hh8^%#_4PU70D#C!d^|DQTvp;0r!yoS7*J8fXfQGczSQ(`TG<#u;avamE>E
zoN>k(XPlWSDI`K-rlfRBx0#Zhai-5W>#(y#ZsbO8IP17G6R%KIc`A=H&Nkv~!r86M
zbI=|=$rOS@aN^;NGtM~UtY6LmP&A6h=a6o3cFGxN`i!&o>tc2EhuQp`GtTrGXPj}y
z8E2ev)*)vGdI*pJamE>EoN>k(XPj}y8E2ev#u;aR#R;E!kTbvHWW(F@!uIS`4GibU
zM~NEX%;|<R&N$<YGtRo<?9FDK*-Dk6GC1RmGtM^cEaQwbea6}TI>QJfb>$5PeCk2Y
z_Vf(~Hbn3RpEJ%L$Jr7z&=eYHeVbj#8E5)z_1#uaJ>iTqea6{?oB^O{6b)ybab~EX
zpKt|8fH>ofGtM~Uj5E$S<BT)T`tA%UpcEHpocRpzW}OWtC)2A>i{<&d!;{x9$FG_u
zd73oM+x8YgRj2AW+gWFlC0UZi8E2f`wP;Nf2G<wBPgWPe+;OMhIOA+boJ}~pb$Jfj
zqbHd{PzX*uoN>k(XPouR832k#(U{nAi?dVCIMZjGwO<#jqd&~%=bUk-&p6|ZGtM~U
zj5C8l1W14sHD{c0#u;avamE>EoN>k(XPo(EpnUSF2RYlJUk3WX?RjB)cB%%3^W&pL
z4cvv~BWF%G`iwKqIOB}7tvGwLS!cFVWvC3!IOB}7o=hs{OrLSaSr?sQgps=P1_M6z
zAZL5}1_K)+_=3+FXOH7-2^we$jkCVZF64|eeYW~;tEZlD#+g3jj5E$S<BT)TIODA2
z&V)orgk&veR$aQKy9>^qamJZG<BT)Tw*T3m!Q^Cm^=Yv@e|LED`sMgl(<D!mrg_`m
zBB<(A9cMf1OtK_PvN+?6v%40pX~N+80{F@50+>7Q9<ARVwtVeF>7uz|nuoLsG3GtN
z7y5{An8q;5%REU(F_u+~p~|aJ7e!j8<;Lsp^62dS@i1AA=Zj5JEUL1o>pT{97273j
zpJvFiG_OM$+MBh?F{`#NG`lA+1@8jZg#>4uarPN!ku%Qp*={(qW17KCNzR;sIOEJr
zNsQE$nUZ|+$(fmwW=aaa;B&^AnUbJ^rqDPuQ<5`%#u;avamE>EoN>k(XPj}ynVFJ8
zA|z%?O1E^IDajdU`i!#<J4@t7Zsdlujyp5)3PqKt@;KvcBhDtA-MTyn?a`A=At(eV
z9?m%9j5E&q<qQBtqiB2%=@w_FoN=blIBUNyR!4uB&CfaGOrLSa8E2ev#u;ZFa%P~1
z00|IhoN>k(XPj}y8E2ev#u;avapqT?@Tmtm^D9m^yge^$&ra3AaDIH0r~%HLZaCwN
zGtM~UtQ*eWY}T2rR2eFRGtM~UY}3v%&N$O&ob9hOj4)DH-eAC|9^`CK-(X-v1Yhtu
z<Lq&qEkOfKp>fu?*@c{Orq5R2ZS~X>&N$O&oN>k(XPj}y8E2ez+?kLFiIA-2%&JSb
zba%noGtM~EXPj}y+4evCGnkxAuRbl7=kE?rUcVf_YMSI}(ll?|TLe{|s^e^Dok^Bt
zNfu|Eady|DHBA^?UjRQ@T>x{(-J|u}!<MgoC|xu+O!JUdA;!EX_(C7?4bvD#d6_5a
zD8{miF;saK>Y_-?wA^_8T^^miKOQE_@qDpKibYixb)Cneu421{?b8fdmgaRRLwmDU
zIcC+?g=Y8UrQlt_x{%<EGtNHaEON$~KHCjvc1$yvDan~L5NDj3DT$G~GE<UIJ~=Z}
z(o9Lg7kth*GgA^Y&=eYHW=e9V&p6|ZGtM~Uj5E$S<BT)TI5SgHNQA^pN$HkuGbK6W
zOrLSqVP}cl$c@}^#@QY@+mx!wZ?`}hR-IurOw<==PLq4@>}@hYZEMt?|1eAb`B#hS
z`0&fufBLV#UrjH^ho|4o&d!g|&c}yeExucxt^VEgYB@U_AO3Ut{2yO_%op?V;iqr@
zK0f^8e0DWHe7T(dWx8BWzx~HiU!5)fHvQL!aLY4k*J1kl`-jm!gx{b1>>n?Gx>IpF
z__xdHr|JCauK)0ttM~b(ykR4nX0c44&;HOpslQ%+`{MiW`pbEUKYXh@zR^t(fBc6{
z)4W>UQ~S-YzCZ3~&tlK-Z}X3)9}A}5cKuAMP28XRyX*e$`QKUlAMfu!y72tAy?TBG
z@YAM0)mU#KC!F27JO}O3lgx{m`b?j3#+es0y_kuW7c)6?n&ixjnO@BFVx~X7_F|?N
pGo4AjnCbr9pBFQ|m?<g0>HYnA57*NleeCiD+ZtMKxTCuP{Wp;yLx2DP

literal 0
Hc-jL100001

-- 
2.47.3