From e43c1bc9117d0c1e356f8de33cb7f9a516747242 Mon Sep 17 00:00:00 2001
From: Dominik Stadler <centic@apache.org>
Date: Sat, 7 Oct 2023 22:12:50 +0000
Subject: [PATCH] Bug 66425: Avoid Exceptions found via oss-fuzz

We try to avoid throwing ConcurrentModificationException,
but it was possible to trigger one here with a specially
crafted input-file

Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62861

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1912797 13f79535-47bb-0310-9956-ffa450edef68
---
 .../CustomViewSettingsRecordAggregate.java    |   5 ++++-
 .../poi/hssf/dev/TestBiffDrawingToXml.java    |   1 +
 .../apache/poi/hssf/dev/TestBiffViewer.java   |   1 +
 .../apache/poi/hssf/dev/TestRecordLister.java |   1 +
 ...nimized-POIHSSFFuzzer-5889658057523200.xls | Bin 0 -> 13362 bytes
 test-data/spreadsheet/stress.xls              | Bin 57856 -> 58880 bytes
 6 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5889658057523200.xls

diff --git a/poi/src/main/java/org/apache/poi/hssf/record/aggregates/CustomViewSettingsRecordAggregate.java b/poi/src/main/java/org/apache/poi/hssf/record/aggregates/CustomViewSettingsRecordAggregate.java
index 5b10c4ff7d..dc94c265d6 100644
--- a/poi/src/main/java/org/apache/poi/hssf/record/aggregates/CustomViewSettingsRecordAggregate.java
+++ b/poi/src/main/java/org/apache/poi/hssf/record/aggregates/CustomViewSettingsRecordAggregate.java
@@ -73,7 +73,10 @@ public final class CustomViewSettingsRecordAggregate extends RecordAggregate {
             return;
         }
         rv.visitRecord(_begin);
-        for (RecordBase rb : _recs) {
+
+        // need to copy list to avoid ConcurrentModificationException
+        // as there are cases where the visitor modifies the list itself
+        for (RecordBase rb : new ArrayList<>(_recs)) {
             if (rb instanceof RecordAggregate) {
                 ((RecordAggregate) rb).visitContainedRecords(rv);
             } else {
diff --git a/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java b/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java
index a87f34aad8..b9abe815f4 100644
--- a/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java
+++ b/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffDrawingToXml.java
@@ -56,6 +56,7 @@ class TestBiffDrawingToXml extends BaseTestIteratingXLS {
         excludes.put("protected_66115.xls", EncryptedDocumentException.class);
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5285517825277952.xls", IllegalArgumentException.class);
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5436547081830400.xls", IllegalArgumentException.class);
+        excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5889658057523200.xls", IndexOutOfBoundsException.class);
         return excludes;
     }
 
diff --git a/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffViewer.java b/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffViewer.java
index 3b8ee50d96..218ecb93f6 100644
--- a/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffViewer.java
+++ b/poi/src/test/java/org/apache/poi/hssf/dev/TestBiffViewer.java
@@ -43,6 +43,7 @@ class TestBiffViewer extends BaseTestIteratingXLS {
         excludes.put("poi-fuzz.xls", RecordFormatException.class);
         excludes.put("protected_66115.xls", RecordFormatException.class);
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5786329142919168.xls", IllegalStateException.class);
+        excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5889658057523200.xls", IndexOutOfBoundsException.class);
 
         return excludes;
     }
diff --git a/poi/src/test/java/org/apache/poi/hssf/dev/TestRecordLister.java b/poi/src/test/java/org/apache/poi/hssf/dev/TestRecordLister.java
index 9135eab884..7f2f85dcbb 100644
--- a/poi/src/test/java/org/apache/poi/hssf/dev/TestRecordLister.java
+++ b/poi/src/test/java/org/apache/poi/hssf/dev/TestRecordLister.java
@@ -46,6 +46,7 @@ class TestRecordLister extends BaseTestIteratingXLS {
     protected Map<String, Class<? extends Throwable>> getExcludes() {
         Map<String, Class<? extends Throwable>> excludes = super.getExcludes();
         excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5786329142919168.xls", RecordFormatException.class);
+        excludes.put("clusterfuzz-testcase-minimized-POIHSSFFuzzer-5889658057523200.xls", IndexOutOfBoundsException.class);
         return excludes;
     }
 
diff --git a/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5889658057523200.xls b/test-data/spreadsheet/clusterfuzz-testcase-minimized-POIHSSFFuzzer-5889658057523200.xls
new file mode 100644
index 0000000000000000000000000000000000000000..e4096766ca5d18abfa39091bf4119a6b5458c656
GIT binary patch
literal 13362
zcmeHNYiv}<6+U<UT8D=XnD@hr4aQ&_Yy$=YjhAB6f@4622-F6Zm*WQ)+)}obN^zY+
zU!hUdpoB_AQS<ndRElUTMU@&QL8_>z1VxpiN@-d^RaHf8grigfRMYMEojcdQJHBhy
zV4|wsvCo~^^Uchi$C)!{&fF`%n{@4^pUt{1fl!6?Ba$QkP8LdjfbSqpLWoJR08b|Q
z!;hH;i($f0(qmZ9SYzX|x(17B|9rf8H~ux)Q1ZP???o1!EuMY)OjN3>Z@)1tgUw(g
zHQe?SV;T33Wo4tPtAeABkU^oVA$jhA$DzqV6}g~15a+xA6a^K69s-R6jR$dJCxVJV
z5CNG4nhcr(DgjLeO#@8_%>c~=%>vB^%>m5?%>$K!Vxak;GSHvUhW8OK1hGqtK$Rdn
z)Szig!CVHa1=T?y>k%&piL8_rcs77mfd;2Mq~F6>@7SCOYGAPW{9PT!93}7SDD#hL
z_VViT^7^H<$z+@K;O{8rqFD|jJ|f4xZfE$M28r=ohN&1ayj%CfPrl##TZi-FXWWUm
zACZHyPup?OXJ;HwmWboOpK&GyIkSZaYorbmL|Os5AiMFTWTghK2|Jwd87*73?%dMW
zykTowlgKxGt`%p}I<C54&@wG8@gOgK`c`^~$i~{5y4r@-HS0f%#Ule|kRrJ<sV_fy
z8u66A0*y=h@{)TTmHTgVjgKa9?pab5$!H2@koRtKl|dDsYL=Iv(F)}N_DcS7$j{}@
z7@vRQ{GMx#e(cCkG188_?!@JzV{5<jR^zHiU)!~(d_(7s7M3{xii0?&pXu|ZkQz7`
z`Wur;2RgM#B2iV{4wN=hc_mPYGsLNoN1;v2WIfhcm+Tc+VzL1%y&5Y$ArqX#@*&U)
ztb!GIu7~zMBb!Gm)`Nw590l8@8|uO@+#s7|3o70!t*9i1mo_8bsPPW`ZUwRhd3GRf
z!;45^jS8!M8&rJ-N}tf7IH}JH^s%+#^u+`9A2u!uq$`oWcH`#1?)2VhTpUQZ%Ac{n
zwW5Xf7?)c7HKA>z4Nk5&ABg1Sl=h(&+!z@+#RExB<t|-09(SytcdL4PQ&VdWv<T_Y
z-j1&QJ#NpDSpD+a+E`OqPdAtbQq+Qh+cbIX-Te~lWnH9Mz66trK=Xmxh-L!KhG0AT
z`uc==T$OnskyI{#K%j}hrE)KUGC>Lp!S>`hX)>9DVP;AZ`WvhxnD*c2x0`bthWq)_
z#Vo_JS(Pg?8kKtk25x~Gh#k@C(m^ZN1gv82yg5xGXQLG$9~d70dXLXL6)l!iDLKow
z*`;j_KUCVz*}d<T($DRDW7Cf=U9SK6tDU>k=j{6B^Y0(4`c2DoYr6j;ozFg<K4<R6
zi>nGg`R?YoPT#EQsy%rjea<rzE+3zF;iLH3H@`Uh;0JGSPM>qzPpYo>ym~YK%qufr
z>|ECTa{8PvT>tB{Kc4qu%P;c(wsOhq(LF;sd9EnL=t+LD)Wj|oT*NZS$66Z~;mN@Z
zwDZRe;G7Y0WO1H@^9NP!csvhq*F$=eE`nmH`+?U!{(bAdZH-@2{u1R^>GNC4=|dhr
zEQH;Ir6W%PIiKsFT!NbnMT$ART|8IVkEiFZ8@SVZwb7479z*%4JgH|Rk>}hZ2v@HD
zX1PBWd|7`>#IvW^8*kA@BRoAZy;;|OpVJ&8&s)@~JTCHxto8E=^HC+)Jod=u(XzC8
zJm1;8f)E}@%g)D5!RB!uZ642yHjmbe&BJ*TS#2&y%jR**uz4Iqo5vHW&EpBx=JCX8
z^C$;CPn;qhX`X0p9#6P7k6W3|qa52jo``K8PslcpTd^-4Xp2e*PtXyWsFL9Gc%rs>
zJYh#<uAfi)QEKt-=(%2`L(lL|gi_&1r@Re53wFR_bcDGmf8Bb@?~U-6gY%k5e<Lx<
zp{u8VVmZJLfg^EZlt)*$cVe)f6pJcGxpdWAKrGK-#fq^du6hxO<r}O-G0Lf{W&^PT
zgUwKk^6IMBfmqaFa}=Z8y6TM}R%o!8Vw7K3y%faQd-kDBG0L&4-V0*m47NZq%CoCp
z4PxUBR-qW=8W`t>*aU-BDn{vc)eAywqQRCZMk#mIJ3_3;VAYCI+G)Xiby8Qbol6y?
z)Vu0UVYx{Lt5uBB@2WN<HrZfxig6XVI>W@K7_43~t_D}i@g!Dau;q$zRk*UiU{ejY
zLNTrmS3Nl_H_c!x72_&#VbFVZPB&PCVq7h*dVW|A#~1D2D#f^JT=fVMn`yAsigES0
zve?u)%V291<0?8VOAIy}SP#+<E5_ORid5lA>7NVih){01dcKM?lGnz0;2%ZWlXtG7
zgqp5wM=7wcfg|xh;7D;9LhWMjnh2Q~{U7~hb9AM~P@%ng=ZEmPKiT;>TQ-lgWb+n=
z@Hi`WzC|It$`Bq$-!98hw|N|Go5zv1c{L%trOK<Oa>A4q#W+_nBopel;e5o*e0VyB
zW0p`)A+h-e^K=ZyE`fufH^*fL^K=ZyFo83%hm{-5(=i;&gnArV=K_OyI)-DKP){VW
zg$DC<499i|t1y_SV>reM_%6NoEi#y=V>s3c^=PurN`rYihGU*kLzdWLgLyiJW1o=K
zrp_e>^K=a7AR%iER%I|x$8atZ^02|G4d&?>&PhVn8mz`(o{r(%9FuhhTMF#!NY`Oq
zl*turATykiR>VJK8?Cwi&!bFCqW#q54u}R@k>vDqo{A*5pQGVOVLvsY9U}6OmSY+2
zE{{Ye%bU7u#RFOCE6Ir|!@;YVq6@}0Qqkf;7fcS)?3m|hrh-llJThpt9^~K+(5g;)
zo05ItUoN`nIKD0E$Lj)~A=}ChZx-i_dsu3CfX%Xx3E|D+WN{lz4G*wc_BkiKS=>oz
zMWluY*ev^?7TzpR#8Vpu@d)^wAovER@SMw~A?Ev>;!fOoH`eFK#CwVDw|c+X&XGda
z=QPsjWQP4O_@J_ea@J6$0g^S8Z6lUDpv}t~$~28>Nb<@)Yba+8<*cEMg^)Fr<B~O$
zAqWT?ya?ufYWRP;oK5YycTt<YthGnQ`)$ifc&_{B@<5oqY_>0(BRGnS_}&{o4u0Qb
z-|2=s0O)W0RGmwMm(uv^Xcs;^3U3x2mm_XY^tI9FRivLCd0&7Izeg3^-5Q@)US6I*
zN`CD7yvF2e{-3>Qk%r+{^O0c}`-7ukKE4_%eYdOmp_~V9rhY77Z)8I`?K*9jRr;K^
z&n<mU+i93Sr|tC|$~oMf=#S}tSNwugj|)QYQ{+rrcJ9>k&dZr*&NScXzd~irj~98m
zyG`10kJN=*r!L%29Tt8<*Ml3_Ov5aE1<RV~#bn5&-1nHtIMVZEI}T)r@V8gL0N#W)
zJb@M*QO;4*s`Ry1;{8+~P=wls^f^U-#Y~vA?VauIN9%r|_ri{xccLKK@poQiKJx`?
z!u~d`CcmHef~=ZvU@wDIC*%5gzxfW_{!w|#fs3@i5e|Kc#%12e>>iX?bUX+*kI|dx
z@qjES;k9-0kXMy{L5?byC*eeo%1OKk*=2ups_aLM4=cTpyrtLG_|a>E0S2R{O<Nu-
zlUuR_wO_unxqA=@Nw8M-!w-&htmtlPe`4>GX~Vg+$VfoKJ-Xe0Ng%#$(taF(?jflH
z_e~YOjASqPint8>DBO(2eSH+(UWKpQO$fd&U7EsGcrYD0dOp6aXBb&}8^%_8D^sP{
Rm)zlv_XmdYaCBtOe*l0cwx0k1

literal 0
HcmV?d00001

diff --git a/test-data/spreadsheet/stress.xls b/test-data/spreadsheet/stress.xls
index edc99459a8dd7b3dcd83516156044b99c3d60a02..f6f4afad62066498be30ed017572eb227ed67113 100644
GIT binary patch
delta 5609
zcmaJ_dt6ji9=~UJgoq4EdcClB1r153HDKg1j;PlX^MQ(GI+pK8X)2mpR_kiDZrfIy
z`BPAN2qKt*AdCs(BNI(SOwCepQ+sS%mShU#W}5puXMS_&&L1lu&gY)*@B8?jbMMSO
zxbm>y$_BsHaUB*a^e;?N7F4EY`f2kJn2*1|-MxF)`@4wG-^p-R`OgjNnmdL|f|Vi5
zX3Sc+WKQOS#jBJsrClw&67puioB&1H?+)+qY@g1Z6lK_g=cdh@Gc#&o=HfY=*)IyB
z45#~`b9u*z{!06Hiao&*-xq%!@kuFtmd#s?n!)qj<I|t?gZMG2u9Or<QesM6Vsc`F
zJs~cRGdgqEnX{Hf#YJT<T@sZ!J8F97(gia;%FG$hL?t9eEy!FFHJhVdyyU)#X13cs
zCLkapLb;@Lxkph#a6J?3iqab|#^dS&+PUk;O=K(5#$p=&TaFBdKRF%S<`%`GoC$85
z`zd}(+VAH6iocT9v#lPW1Sn}QU_;~=s01oGk!^KsgXIKy=87eh)7(YlNB8e>2e<ld
z6n9s?LyTDhaTchk3ddI?qAFLQ{aP2h0<*;Uz8JN2quKW`XPpbjx^;&318LVuZI;kp
z1wG4Uy^7b|FB=!BDowB|%dY)MifpM^Pm0r7k?a~YWyNSe5of*RY!IC5V9Pex4Va&;
zvg@!a+t6+hbE9PD5c4uJn<09=%38p&-X7bEIPWD_todis<w{+i(6s>kj+<xV=1Fe8
z;NFC$^)7bPJ#<5(h24bcT)X~XEF8d)0wGjUz#|I<{TEo2>tesaaWTf^8QLwx`NkJX
z<1NHok>_H+LStSeyA7>*G1?ts7E5M{VEzjB{I;c)nA$Co+^xiYD?gI`2HWyu*c~{T
zud=)FZN8!5y%Al!EBV_5|1KDt+N#@Rb-SoC$l2s#3|cqY6TMqoYRWH_iZY?FU=H7n
zGVw6@!K4B^^M`i|RAzx~1%~ENee96Ba-j<VzrwaY%4M~Js*?&0i^8CwunP->>OvQe
z9XGe#ib`y%2R?nCTTvxMfiP{ei`@fzHybPn?rc`^x^t1CwWAhx$&mL1KNvELIJ2@y
zWx?<fGTRe#w`5ieW(f4yVrU(xS}m(JR9(Ks#X{j6a;(JJBRRE#6AJOgh89NET3OvI
zsvY5tVuN*p6UC}E965YL_lXU?7n+OhQnyd)_6uD&3@kBNXLz|pWnExHNitL6G+uXw
zD~M}u+tzFgPU^N9S_DNOlolTdi%8J78|)7-WxL9Bcz(N~{gIf5B(qL1yTNI!Mp3m+
zRu5CvR%*9KW0g05SUfY`VScH~y1}Ya7wZ9+OAU4(M3<>}?I<&}7;-u)osJ2o9sp(b
z*q-EcOgP07_n72<B)IoOQ(3asi>e>VYQ3oThSVJfv%!iTD(el|JB(QG+Kx+RgJ3>D
zX$`dLcX!z3jx|W`2@e-Wl=Dr0t6XJ&g5q)~>jPhw8`^`^#YxFOCHQ^7Sz)(&*K^9V
z9#~$XTH`47v`B4&q6)hfPcEmW%O}Dm4z5)gECJ$os>}|<cDisZ+G%KgiT|nOe<t{L
zxU<t>i7>EIWl1o;($JELc~&yd31$*hR=QXUw6BVcy@m+??mCa}C(ldcJieJ!#X+5(
z7v1-R^eWYwLRcepzql$!ejPUop7-mxQ6^pxi7D`YmEG#~yg;7JtuiNQZbR!&o&HPe
zJ{P)FSd7&HRQ+65FH-e{yKSE@(mq>vscay`?lNM%-^-Vz?y}Ggq;*`Tb-caH&IY;b
zb}eNvb*n$Vmom17<2#3sEqsjRUyS!C{DvyZAZ8U0{1<qwDg)u6-S$}iy5JvzFGLFl
zwflvP{ZeoTL*8zK4S>tLRW=xIqR#t>eC27KbYDr`*FyIYWK<j4!&LoRR{t%kL!h+U
zU}?})t+F8yP}Ao6jmh;Jsr!%64TUK+273ewYg9HA_S6{KFiQAVGWm%@Rfa<N9z$!!
zYyO~oC#zSeI)4v;Ls#tKK1Y%H2>E<3nf!F2D#IbVHj<5i)Y=$rByoO_9Dc@7m2`MX
zaI$Mt^>pO$U2PJ#DG2MHnFV<x;5xdDB9|uV!cQftG8!J-Yp^k}Xs^mf!|QtuErXcX
zB$J;_IP+_)j-l#LvU;7WsryE+;Hmt4qAFvlqZ^{55X3w+-cbjf@%_0WKS(#k2k9xv
z;%Br+Dd~nx;``d>+$@~?lBO9Ck?IO*-7Kw}P1eogMn6W@&C<HXWZh!g#ujd^v_l4O
zx<xv-n4DYCc~*C299g$WYyOF7>$=rs-72gT$+}fqx0<Y5O-;ALYy0Z_o>TlFeSbtK
zKhI)gc#_4d0NB{r&AoQNgGHawJ0tEraN_~GecK!rEXV!hfg+3bak@?1LRH2?!3VwA
z1gQVO#$50-juWB#Asc%FM&bA*ym-jwm_&*|q2R6a8yhGVG8t?9EEtFjiNGI!QN!~%
zdQX8%ha%ZzxOFJfF_k=mOddfdk06r=-+fh?2BYe@$K1L|$8_=tHhBb_Jc3Og?S;n-
zI3PSOpvO$|;D3{-igzs`CXW!42Y+-`Wft@~%=;LAIMOkjJVH$#p(c+|lZRD!JO%l}
zqZU1$CXX<aN0`YY%;eEgc+7#&BfO8^M<N|_$)l6Wqm#*_lgT4ocsv7t5gr?HoCmv)
zB(wSO;}IKM01+SBSSF<5xDcMjaS`O>_$<_an9LS~<!CZn0{xEK*ix8{<8!bE$LHM#
zj+R>3GMHO$V=q7!jxWNY`egPJ+^SF3|4dEZXKM03(d2J1>UgAeIWb}cV+1Tat~>ui
zSWgdzvjg~NWKUG_hs^t!#fs&uAZ{$_PaW5-D+#-wu-k~eOjs|%?r+eYuMpPTgW-(l
z^!CZIiJVu7YZKhR!pa8Sx{9y|2rFyQ+25eP!Ny*LpBrq}zf=7|s>hw^WqqBnIKrMj
zp*#OUSiA?r8Sf+Br;h~D#~Z{=ApOA;y7f)M?1WuK>@C9j64v!&-T6<#5=}XYJ~>Gu
z=WXI9k$&OFx^*>S$%N%1_6}hwgdM}2HH0}#IS!wkej*2m+mG~7Cw1#u!kmPSL~I>l
z{RvxkQg>z%mTJmL^~o6^a<Yj#fb^%(b3I`LJ(&CU$vlg71A&8x`0gjVb0cAfDah~%
z8Z3fxh&$NBU2{ga<`VP}Sw4VR9$^m?HsOr!%qMJ!DQ1XIOqz(<MBFse??lf6!iEy|
zIbwx`JwjN}r@C`9VZ%Ha&iL~-%qM5K$SET3aMDlxRJU#+Yy@F%B34Y;NWy9`r-ZO{
zQ%<^1&M1+ymAIowANHAUeV4G&g!M;k8)0Jzd-^loxt*{KQ%;6Y&RCICO5CxeKZu@X
zggr{wRm64>_84JZ&+5){!p50$#`)wtE^;b}`#9+rp4F{82^&vXE@G90O(5(T=2Q{p
zGUd2@awdu#H*qJDKI)uq-9^|FgpEY(J;I(OY}q;8xtp*_rkqJWIg>?BHE}1C{uFxF
z5H^Ld+vnz6_YgMKn{!@w))F?&lrzmIXS&GQOWf(+ob$SMA7L}RIp@~|()nj?<2+dH
z-}nFgcB{JJ@C(8Jq8x<&D~AOXG03<W4iheh1Z5AuwravJjSQmw?}e2YTk!3-^wO)A
MK4;yxE(QAi4|@`)pa1{>

delta 5273
zcmZ8l3wTXe8a?~wArWyzaC&5pmWt4;go}tP;>0^1@hUD#Fg2r6k7BAF+Dtp`blQ5f
zKY|KD9wd=SZd4+vq8_2*H6D2okEszVWZI5VE&88*|GTeq<;(ugUTghp{d?b?oE^z0
zeUcCRtd0zxC(*xVl9W^sGv6op$<wD#-QV-!pik`Qi2;SauLnGLJHe1PmIf`I_1c2P
zbLP)m^r6&DTC*44Z}OSnct1%hc7_JO*#*)@^l_fIzZ=rp);+pg5B!eq)~k1yrAdpL
zOHy1?Unwy_awd(O>f@X?#?P;LbLq0ws*xl$LGN4LC8;FHxqQN8_Fnwhmb|m&$T0j$
z3-Qb?l0~}I*faN$e5Cki=Dw1z6yL$a`$>LM{M)UBpTFcUrG<HTjAv;9uDN7sYUrF3
zCMEP$_v3O`VR1W2!IH-~TaBC|)j|0h2djg2YmIRkA1|&=V7H;eItPx)>vZ)FDw)M!
zT8otmuU*G$e}L+B4*3UsHvCd>X^M0g;!<pCJyoQLiuF{nG9`@NgY1-Wb|229D69eM
zQgrpdq~9R)8@av#;?{fEje`A>*iGwo_9N7;SJ+SRV7)EkXT*(OHu07Ik6bs2x>R2G
z6O7*A(WaWTsY1J%Yac-N1_yiK^xarxVGp2olTG_S62^9>nYME)mp_CqsSfrKKIY?%
zR9*cAabxqg3*&TB_TB8z9^tdma0cHz<K(zz7Tn5Tp>T7!`Ww|}i26)k{|Fj3dlr#t
zT12MMW|202OBj0$v$uHsvV>*_*F1srExP)Y(sl@TC$Ueq=$5Av=xME(1e4MnI2NYa
zdb)Q!$J9WMD9`2PjJXz;%a>_^)?01N2S#mG7=zhcb=3!XW0Q7?x;$Rz3kQ&OH<c&Y
zd}3Q~^RW4X-OX7)SiH@_{NU6!&qr2(UA~B0>-q^OBwd^B4(1O_x9e&n>cc6#inzuf
z&LJB>Y>{C1a5fM+r|YZ{%u82TAbgartBpzdl~C^G${@IgY!hPl3bvToJ{b-c3~MrU
zwJB*zgk~St1jD@yoyicHsjy}+G*gcVA!VshmT_fs#ErvL#`ioFc4yjDnY3j>`?X68
zzh&yI1@y~OSWB3Y6~$V?N_<uzGfQXBIqR}gEI3Kd)>V}(4hV~b+@dv9BO6BSLBSs4
z>>r><j;?CN9un-goNWUub9DARoXJsG8>q{%MZADYqxr-9Shc0P!=mm8)y3sHSUcF1
ztFsrOHdn#t2f4c1p7h6rzMSjZ!RTGKh;Z^Q=iVJiTQ0Q6xi$i_cSWfki9IgZ6P)b?
zk9O(mOT?ZK?03YD&(kB^tNl)}Cpl}S{FC&-l;zo&3JrM*vqC_=uC^f83Q>28*L8-O
z`F8d)Y|htN7r2(M;Pb<LTTl0T&Y0G7MpU2W)m<s|EKj`)iMwrTBqf~{+H)=~<nGp4
zH@LT3Vco&Mz=308fv(y}e_rS>aD8{!hingGF9`M`XL~}6LS5}e>_x#|B6eP(V@?#Z
z#^+thyL0~@ti-pYBHcrs@ynqS-;J)<PbIz;6{)wVF<xuY<X<WLtGK`0xr){u=?oXI
zi7LKh?$<<>sH}EX!ZN2#cBfQxZ8Yq6Dy$D&bn2>|5^F@=WnR}8B8zl2hS<x3y+Z6K
zMV>Qw#q^n75!za=?FZi%=@ITXNUdP6x>#EORa)7IJvJ8WOy0AE1sPj;jVwm*wM7`O
zEEi^MRex&jnlQZ1wK`<)^)!B6us4YHE%r2i!_@c<q5U`4#=*2=oehArVucNa;$mGL
zM48_U<xQ>}2+d18t~X7tH-+{;Tss(&N^~{^@=6po7><_c>QHjMC6slfd|{ui{)o@U
z!KoAMZDQYfhP^FV<DR2PgW)`~L&*7#V2yi@A`OEsrC}@{;!DHXa9B{PXd_T*?Co9C
z(Y?!$Zak!y#t20{R|KGsp|2;!lhSZ?B&F4hG~>`K(kSR#rn3Ziw@hK9U|pH6jwa=O
zp==;!1F{LkHVD?ZSs6a@Unc<jW<RTdt2JtfEcqCV#qE*qNGN#<^5y59fd`^l+e=zY
z&bV%?c>4_U%<*Q-(wwsnZnwx|Xw`;=B8`QXhdZ%x5PR6l#=~43Ux5@HC&0HjPK5h7
zPJ*x_VbOSR;Fl+V{9$g5U%q@V@Y;$llgYCY_w0$7u}_WoJ~?3ikuWv|K7Ga`z~m9g
zJ*JXJpvfbUJg%b0tMKbH9*s>NLEK{+c?6j}g2*G`Xc(IgbB}t~(!}Hu%smpxBiQ5-
zOdj8$#|)@>#-pjpL*^bc$wM}I$mG%WSQwiH!;g9TXlC*V;U0e^j}Vhb2zhKlkJq5|
z8IR^Bk5KM0n><2I9--tRmxr-Gfweq}{TXJJTiF~~h2!f`isM|kg<}$g9=EbLAoh3^
zn+I><I3My6SpYRSE`&xWtn5vv?L>}+ErP2jt!yy_Ran^)h^mNUe}VZGQA6IM7TTLy
zXwO@Cj7=K%@%E<H!+GmVsV<z?#Y26CCcjNs2g1}-n*ANZB3u~G_Tyh`5$JCmQui_K
z$UXl`+KyDe@RTMmBdil)sfaBn>?OjEW6ryTSvmF|&Ws$ZS59Z1lT6yqE-kb@t+BsB
z>}e}|ALgF6${!HlmH3R)o#ek07D?EZ)0+GtVciG|Jfqn^BCNX$!<o@XcdtHdypMm7
z)<*R+&S>(-g!Le71!DgstS4b5nDYr?y-Yd1ymF#=&Zne}qWX}tn*14Iy$Op!Yz1M_
zgv~jt*;f+Q$CT5@E62`rR*}|D^#{>&HDP@Tt4Hi}!eR(h&uR8A2<vCc>F1Rb%X5IV
zu`aE1;ki_cyoSL3WU5`z<h6w9gbll(+1C*kX9|k*3L3zJQb;?1>bIijdcp=0R)N?C
z!Uhrc3+8MjY_KV3uvg9yp7SMXhfw{Pi<-QNu%U!4M=X`FVTA3xsM$9Y7H`Ul_sSX0
zbGDFnIMuUDnw&=12*O@QY%5_S33FW1?Ar(%<-%}g9PCkEImZA0DAIP)CQy9=dZrUL
zny@Q~We_%ou)s>qo=MnPQ_fhgoN+uSi?rjYenzDx?;vbEVJi^ZN!Tldm0(UbVG~R_
z6TEUJ@|+yfPNe#fDoxHMY!YEHi0vZGLD-xs&7MctWK+&$ube47C!e%asQw^&?j~$1
zVfBa=5cVozYPDuBBy5@~XPQ^ebe`iR?R2VNSp9}vL|CFbr&^Qu5H`b|Q={3xB5bB9
zXQo%qES|HMw6okfHDCDCwJ7j%QekbhPm@SV>W|vwg#!{9jJX~Pldd-jIMh)Y{pdjz
bgSNgcAo=>w_=;O{;{!{{znqV5`1|}0DUC-~