From 8e79d9a4e00828777e17276571fb8ed1b7cd49aa Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Fri, 2 Jul 2021 17:18:15 +0100
Subject: [PATCH 1/3] Regression test for
 https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w

---
 test/data/issue_ghsa_h9x9_4f77_336w_poc.exv    | Bin 0 -> 34573 bytes
 .../github/test_issue_ghsa_h9x9_4f77_336w.py   |  17 +++++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 test/data/issue_ghsa_h9x9_4f77_336w_poc.exv
 create mode 100644 tests/bugfixes/github/test_issue_ghsa_h9x9_4f77_336w.py

diff --git a/test/data/issue_ghsa_h9x9_4f77_336w_poc.exv b/test/data/issue_ghsa_h9x9_4f77_336w_poc.exv
new file mode 100644
index 0000000000000000000000000000000000000000..a8d7ae4ec00ce96736f4f50737c9b26717d8b491
GIT binary patch
literal 34573
zcmeFZcUV(N!~cCwLJ~R*gx-sg&;tSK1dtXfNvI;aG%>KsQWOOj4JxRJbPy3S(k-~6
zprGQSQba`|fUC&5C@5lAz=G|aD7)*fW%qur-}7AWANR*A$v0=_%$as(<~up~9(7qA
zon-p{X2uK@Q3&GUp@#?}2qJ+Xr~raOH6jA#tiDS?5Dbd_a9k9IVP`dt1J6J)2oWAT
z17DJ}`U=!ivvK%o$$X*}QQU`g?!n_qv-%m-%Adp`&1wuhPJwC4!_OJ`GM!Cd3MLx8
z>0>^1pgy+-K^QLHevU!v&Oao?{g4p0BKn6|_1}-pr<j<`Q~wC!4%6Z1>G#i10|S;M
zs8ftgOkq^S)P!PTZ9=g&HBqOST2oA{%`9L(O4onPy(i4tu37B|wdUrJwZqS`?yOeF
z!kWtcSUVvwKwwtK@pZoNhg@ugnvnnTTpT=CXjV%?Eu8=HT3Im8kNE_|AQ?dlp_Z%o
z^IAwH;X^v`QV2S$`K7}^&2P^(STktV$N2Cog84*aKhd~ZZ39one{x*#6D{<K7M|5G
zJBa8fntu)c^#$O|6264t>q|BHrDHJahxk1B$xp-4#~JbRS`76k`G=Z+O%7%R_K}Z0
zAObd}z^o22LlE4oF4IR5JVJoqU>%R3L;}?OdJ+}ZhIR8XO@5frY?|8qu-W7M>x<25
z{yE~a`u%&@vuD$<3qug;+2j1O5@$8MhY;CWZ3?yAtcDWypg+r^@QGHO)%>!l%%(5M
zLJ&20oPUg;AN5bP#;oS&Uvu_cejKe?Jr8Q_S*-%~oLLPeqVtK?ovojDZ{NQneWLYe
z^MEh}5QE<}JlAmcTn;Rx*@u?lr-&j{_~Pe<k2#FP&+`K#Gc}9f<HPTBKe?{uY#d40
z5>~UiP2?)UdNxj!D}va365noCn;9aA{p__A6%oV%YW}sb3JBr`Tbo}8Qt;*e$+;f0
znjhu`TbuvM$LEtcj88Q46U~~f6MlT(S$!fN(f6CxhcXaF|5@D}fXoS))$O|w)4*BX
zB95d4@%0vlx0{%-BLALfl|-Bu%!dD5g7^o|>f@yd5;9vp6wRHxX!iJ&Oxq;{!|(A3
zA_zxgbXH69N9I{A4>b-$K=@;aI@EZm#i2HVngF!{)b>ydLahvS4Aeri@iU+np4G)r
zi_Gd8sKsW}KMJ+@tUd*`#H{XwT5?ujf*Q=~D^N?#>Kjl?&+0o+6KC}!sAVt$@Sa7G
z=TOVS>*ApnhJ%+P)ZtJ|LahY#dZ-hiR)(72##2zM%xb(4f~Z0b4<YhUt3l15snnr<
zkHvnd69cFb0oV>Ok|)$CU&GGB0I>f+EvSwle$p_`CxlWFbws_5UtJ#=;eU`mqzA<t
z-({9G1de~mvSo#c8^0Hl3L}^8#lLh6*he!!8Q;Ht&mS`20seV^;fVu+&=6Xuyxw09
z!!LBYhli_&3*F7bneOi4;z<8{guj3P!GxbnL_N}){~jnG@gdhW%IlQ)-;<qASn@yD
zs6RI1f7)nYB=bMT45Cf>pQtK-q_k4x&#oUwnpb{d2!?jN5q{-QK^S;LaF8_E75TyZ
ze|$bF%!kj9?*bohMR<g-_ye85>^r~P@>Alc#s9>^<NP6;-_)>knv6UgL20i!2FOd!
zJI<>%-8OUNKJ9(mOq(%hy6r7(I@B<fI&wesecLOVN!xSe4fkc69@kv`-Ux!c;!tSQ
zw3(5q5fj?yXZ@QavNwfP`PoqCzaglP>LE(rvwN>oUl$wCpO!<IFUxeLOu6bX+*F<L
z0`{jfhN;MI1ZhO3(5a7g@!`yc$U=DUh9HaJzr`QZnga4>`+;$DHNa6@fTAK6$O<z+
zz}zMfvgA0hoACilG3`JQ6NxTpXh#=DT?Vq#ULdC5891Aq1+fd4fKbwEu!On@h!^Zd
zrJg)P&0pOD3WQkTKS)3q2c870&2|C1P5}@q{T=FsmjHg_=fU@u>wsya7g*?44(5qS
z0gCy25U+3n2zxM4slH%9+{*>lOIW}u_dBrcI1aeAya!UDV}Jw*Ku^*c1fKB*^Ny22
zYM&Jl%OeBhq~AcKzZj5dFh=JNUPTwJw*vau8z`kO3b>?S0rD>+fD-#WFl>nivMnnC
z%_<GBlBa>{=~7_oi-Mq*EohXp6#%!gQN2}lz+iI{>i)z8h+jAWB%k|()jTbbe8m_j
zeUE@Z^%`I-7z^ggTm~$`BtY@o1gJ;ff)tbv>;txf<?3S~)?^)6p12DL=sW|m3uFMb
z=ss{4S^?%LYy|;zFF|N+6}mcD9SFES2jZAwplIm}bdms=mk<Gx3UffxJxw4o_!A(q
zq*2xAJYYcSLt`eo0ZxBCkQPt|hLxv4eB&07>XZ#^(t82Z@e&#(ya=pbDu811_W{Lu
znW)a8i(qlxA)p}00`}X<Kt*8?Xi9g1MK7MBk@6uRN?#8(oCyU+1=mn-UOO6+c^{QX
zF91Ho-N0XjjixTl2js3SRIuYLI=3+d&`Wlsu}-Vdl)i%~`r;Cbz2yP~@(clCdJ>f$
zibB=uyim8olW0QV42qn&35cdU!Q4ZyfbCsV)SFub7(^{}p@0`iT+xbRcLW2uDjqPM
zaR62&5x|Lk0L31;g@Qe9s6yiqsxGw;rN|xvbDMCe%kvuGTD$=Di10x1or$OfJpxr=
zc>`rC0jT4QfaYpLG@yG9%C71`L7qKI(I%i)xwlYTp*^TWK@gy?XhDguno$`=6QG~&
z2TY}wpf(gwV9)SD9Z$HTbVLPZ4T+<IG1pKbH#t=F_AXSp`#aPK-vQedMJ?~ip#clD
z!NSRO^oNKeV5ONZD%vCo<bBhD;o()lj8_T5sFT37_XVJ_rh!xMWz=)aeAH{|Fkrp-
z2?QTL0YX>J0kJFNLEK6vs;H<4w16|9T2Fv^Em+{{zXp5<Qqiyzp@7}j0HRlk0NtbG
zD9ObQP~?9Ci~3f9$RrPtc<mTi#hVL~1H1rUN*Wcl_z{R-S%69f<^$ynS)gqphU!^*
z17q_^5PaPjEMBk#gyp|N!~5AFGWsrxJ@*tyzHEZ`Z!N0-q74}376D`Hr>GA;0>lqJ
z1S_xq3`9*Iq7u@gKq_GaswYnZRs*|G=O?{@{we}|cf0_whnzubQy0K5+yNw-&4K)k
z3TjgH2&|A20|NA76j*HrAWRl$$m{_I0ds*ti!U%t76J<gH-I%yasV#R4iG1o1BIQ7
zfJ(3rASZVN<J={%HgtiT5&<kOI02SEVS*U=T5)AAkYH{Fy4RNiJ?o{YUR)tC$x8#4
zEiZt5;R&$fSS!qP4-m4N2C^o7Kwdf#=oYmAGk-&1)p8Tq6gL1ne`!Elxdk|xEkJ$z
zssNL^94uryfXIRSVClJbz<z;()$uC<+VmdaSRw#FxfKX6=m%o8Pk>a5FDheo5hy?J
z25QVe*e4}Xs`^6I{`e_i561)7<n6$tSp=oWodP~99DrY-9Pq!|4+00V=%UgJ5H4*8
z)+S#E;(bd{8M#M5R>2X-Ds2UFCiOr=DG+EJP6sAO9fA4eL*V>O1<cD&20jh_fVp5C
z_%1jG*rw^|>RUepOy7MJ!xKjFig$pFxebsxss`jrQ&FdtRN(Y-A?i*!1z1%&Aox`S
zDk6&qN&~4teIOlZ{jwF9tnLGrE0uuFtG%fG)<8gmZQ*om3vhdS4Bi*5s9(%|5MX%?
z1j%8+g6EGxNdILJ-nRrq_8EeuDL29LWAWez^X(umu?MW|a|Ww+cB2@JSb*^l1DKba
z03mJ(kmo4@6~AuOxL6UjT49PhZ{LT8uWSPmnoj^*VF!pYGY3h5{b1G9UVy~w!yBps
zU>1@A)=CY<&+`F<W-<^g>_P!G7nRny0MrxBf#E<rpyv4i^TVmYu?g1Ck=<Y(?+9=)
zqX2sIH4vC^8wAbu070wogP<2eU;*q~3lCibp^{HQXkHfx>x~CtyxSnsd?$#6<8$Qo
zU(l%1cOd3vB}iPk6C@{I2Pr`^V9irCfEFkKZ1DmhWLboY{&ELMO5*^K(glDS4^$7W
z1DebufE2F=jCdWu(LxQ(Q`isOrObf4*=gWz<qSMl6#%c6bs%7SD+o1<KqK`xp(`To
zz>gpqpnk0Y*93r2&;=m2!WoDiQvl)$JK-F(2Pi2nMO7@015F?e=Y?MYDYpfXo=5{D
z$vMDSz8aWWtVGTGLx6>BDsYN71kSt*z<F{N@JMI@^qpzIleir)Sl@$?_(TxeZ-+)C
z(m+(+^oMEvzi<Dof&Zum_>Szu+88b`As7f2ixq(2a5y|3PaqHk1qFqKgoK5KMMOkJ
zMa9I##Kk2fBqSvz;oTx7B`qyYB+AIh$jZvf$;rvf%PT0riB3sLNm*H0MMXtbRaH$*
z4enZLXlQ6^YHC5WwYBHWnWLklqYELCNMtfu52CNHZvZib7#SHELrhFeC=gSK8H5Tk
zhgd-7LM$Ox5Nn7H#1>))vFGCep+Ow^I6<8G%!9Z<T=}^1aff*Dp+n~L@#NzL@#f>h
zhXG;oVe#?h<HyIJPXM1lK0$mI@Cp9FLOvmU7JXnbpYQmD@(KGuIG>1*M1Ek&2ckZ(
z^aJb<M1Lga1K)pS*+-UtAoe3ad?fB8@gGT;CGjIGW?A`>q*+$|&gxl`e<x*@HNW%Y
z@1*|0+TU6C2b@1h`<?ZFu;C9j{z>{DWc<OVKiK>yTmB&PPqzL^)}L(qlk7jq`IFpF
z$oqu+Pbv6>!cQssl;Tg>{wXDYVaKPG{)L@?q3kd0`U~ZMVfSC*{)Ih%rQ$DC{*9`?
zQvFwI{zmQJsQWv6|Hi(*v;Q*=d`A7}9Q=%*KIhP9G<?S4&pGmU8b71yGmd`FvCnD#
z0xe(Q_!l_w6;6JM)~|5tOZ@yr+P=u?FLUP0oc#*zU!mhGbbf`duW{~cbbpQWU*p0z
zxcC)%zRIPqa{24@ex1Ir!}~h@UuWR!41S#}U+0&vbM@<7`#MA4;QF^1{szB(iyL3(
zw{I}=EpC2`Ti;~#+l+mi+u!ESKQR6e-2Epe{)v14$o+rh!9ViwpLz7pJpN~%{0pA`
z3!eQ8CjSLf|Ay&*!}EW`i+{z-f61%=fSLa(um7L$=6{8^|5v>G{|WG?s{iu8R|6lm
z4F2o?|Lgx}{r}(G|KH62-<|*8ZU66{|1-z`yWjuA?f>reKX>|H@cDnZ{4aU@FFE`#
z`ui`s`>#0rPkj9+uKsJD{u4w0sh$7S%ztX-KQ;1Sweg=?_`ewVuiE#&IQMV(_P==c
zzZ&*$y7j*~^}pHlzj^e(`}4oM^S@j3e>CQQH|0k@Gv$r{!jykz$v-#bpWE@z&G;9r
z_~$PC3l{uy_x%Oy{UzW11=sy0$NeR{{UxjYC7b<4i~U7^{Y7v6WncYeQ~hN}{hxX1
zulVS%ndq-M=&#!6ubSuoiFN)zG|pGQZk(@O`-XEK`j&IP{tf30gTCdRfBp6A=9wSz
z4gbs!`j&-;Vc#;*AHu$Aq+#H<tu#OM+isd4`fWq~G4vl?^@repaMrWI|KzVfhX0ev
z{yqF3z4jjw{?T*)8Q~wz_n#5|*@gcR<DcF5A2I&fmH!^&UzqdXqx=hx{zsI5;nn|$
z@-IC5CsF>5d;cWPzwz;ZiSutf{pWH1mC657q<`uAzaH&B*bw+q)c@%o0sp-J7uy8?
zE1LxTME}?K3I31v2mbf0?|)O~*TB{H*O85gAP!H!;{*wKf)M=8Uz8{&Dk35(52VD2
zDhjHq$_mO#>e@!S>YDnRO3EY)lD;v;jB2K)V`*z?YHMU_MnU0&0;0mAa$;g~6b)q!
z{*U+n8SmQ=Ac&4&I9OBz!2lEs(D&_V1$;IE$KRbm|9GSoK4dNcGb<=0EF#JO`yVVu
z0E@#3z=wI!)DI7!1Duow#St&f3?pd96HU|d_6TY@HJp}V^*zxx3r|=tBrGc@ub?<b
zN0&s_qncaHwY0K!p6BA~=I%lF_45x13|bHz5xFF4DLXnQamC7{RjZRzHf&7K*tB^|
zW`03oQStVY9i<hORn;}Mb$j<6KGN89^jLGt@iS-JJ3710b)V<;4-8)U<?6Meo3}>C
zZr>TdJ8|#nv&pIH=PzEqf{#gJKNjbY5`9u00Lz0B5P*+;^UH%`R`H*x2Ld<^3SP>Q
zNeGLV)-+8MBs%5oX*eyUWyX3U6Q0l~EUQhuIp-<ANFPe{?+Ud3e^jDB3iL;L-VY(7
zSoi=nzykPZ53k;3A|x*6zi<Dh4#ckX8*<(wf$xzV#q<aDzf`On?aY(Ydadj*{MHL|
zNp)g(d#`_Y#i3)`QMT`qwrxT0E;M$5_sD4H`q*>XyOv2%pzeATZGZav_lWJ&_XvjC
zS#q;>VMNIhzW({zm7gasyhl_WM%|6{qKm60<<uT4?pm?N`8{H=?&;_|YRAQMcX$u_
zR&Uz<V&|KfV^<BkEw`#Y(RxP}qj>Kkym0XKd@a^&d2OcDF<}KSENr(iOpN;Y!Tx2F
za_?-{b(S2o@Urez)l_@Y_a0GntPOs#b=qN+7Lqb?bl1)INLS9wfxd|VgX9hHv>%>w
zmAANV4R@Q#d6W8cXT@&!Bg~>rYEN|FnMrb#g|Dp#)TS4_N759_?M&OVL*ePy-$YB4
z_|^oyM=p!5YrFo2y~v`iEOqzC#EiNt`VOeQTl5}zdIu)4Y{s>`%s_eO@efaH!xClG
zd>WbWYCja6DWV_p9@*dZMsT1gA+rC#OS}QBOPIC&RYP;#E#D)n-y_>tx;wHJ&G#rg
zdo^XSu5-_F`)+UBtPj!pLhnSZJsm}u+5LteksAH{+8yH$QuCmf>~?ln$<MGR&6iVc
zq^v%cv!Z>{BvsDG|ME4Mx92c#2UeVbm#iCo%g^X?f|=ZFy$kPFC%&6px6OQNzjuYf
zy0)GCqWU~I;dq*}`z35)MP~K2f*exL2aUUEvB<Q~+T~-&h6l3mkq^yErPPr6A3lAz
zAC}YHz<PP!?OP5XT0-)=q0!E2wO3&U?_RIl=B2u&=1}*s(YO4(?AJ`*AutnAx-Ffv
z?ziRd%ojW`SeGI3Ci&;i0)cCa6VGekEr@t05W{Y~U~ykO{vE$vT|!#Lx7Hk<Bse@i
z_Htm`p6Jk}=RUMf%mX(w((pt8`3&q(IdfkQM$`sRZidyt>a6PAWq)<u1&0q6r8n{X
z+UcARjp4pZ$IGaP^Y#~h_o-5}+r4_z+o|71{lk+>x>sBv5?(BDc&zqxUrp!rcgdqL
z9}7GVy~h2#s4UeB(|O&tYi9RTuGJQ9|8n^^Pb03!!^|CdTU0yx*8M$l3ig((Ar~{e
ztWW!Zb)!A+sAp@2mY?t7-&@!nxjRK-VOd5y3m#a!wf*_cYMz>jh<@x-{-Ju8nrkNA
zTR(KGn)MIXOcW#Q_I@m&R_!&=?(h;e6owU<5dHkT!{9o2!^IdkES!9OYWG7$mqo>M
zN~U_|RW;a62o@|=sCl40(~Ipbs%<)rRiK_tFs77@_-_teWpyW4R$%c!jqOTqzD~GO
z=IWBP4x9ANRY?&&t_e1`(yqoTWLwo%d0KIW0`C4qRN|!gHXkstnDnjqv6;wOol_e3
ziiF<!QGAX6{GIE^vwWL_vcbtI^LWYS$}D;6kIMbb_2mSjU`a@Px_nJu^H_gMM*H$*
zm#o8gJfF+#Wr^e+ezk6mW_q*U+ThTPZi8**g4Dr)h=Dsro$i{aN2yO$33ObX)bd!p
zfk2zUdYh{TS{EZng#9;Z77SRZYIenV{Mg*-ZI;P)AsboQtgcb2xl5U<PB@?`tu-0I
z>)u`Vbi#FHYR+rSX!)tZ0Jgw#&eQ{=J;DbQn)KaYucjKJMLP{r`bUqMMqJq_nt0t>
zHITX&5V8x=Fd=4#g-4KhV~9au=VXt~`O~9iJhVouT#qcdmwM)fqWr=5JbL8XJ6p4&
zgsij&o-RCh_V!{zJthT9JD)70#9iz|#C7f&&*GiGh|_rBRP{)^^iY;y8&N$xc}*+1
zUX^@xXKwENcwQ~7E#Cd$`jK&m>iLS|Z+bU&URF&}+;slF_vwTax=nh!n&u3roNFHQ
zJ=vj+kn@e&+~`~SOFh{%L@V=1>{Z)I+O_ydhE?5I$z1Qka}Ba)Jvx?E6#0j$MWD#d
z+sj1xNa$Fa_xHK9TO2LJlTRG1F@W~SLtZ3MV@ccP?^4*sTjtg-^YiH*)#TipcXk5<
zY#)b%>cd0K(;Xqg+@+b(g0(C4);pCAMurbiDpvQ7>(q!!*CQU!3kjvF&+V$jeVS}C
zJIJf%pU)c52fpV^i*4?DH+N}G?yYzxIX2Qyo4$I8cl}|P{Juo@+DC~~`=sWD%~c+)
z_iTt~*yQii%Z|Bd>gvLhdDL~p6(5s6ur_+6jM16dIoP_6{=>CMY<7(BsfwQ-c??_a
zUHhw!3GvomwtN3d3llSD{-cC}5D|u3o_DFOIQvjY%~gW-V6#zWmbg_-qwG!dd);kn
z)j(w+gs@z@f63-iUX}2Ht0M`~ELQEEeV&S{FR=0|F>~g0MqAhfd1d5wuBK*`)XiI7
zy!YKO(pGyY)^W~Ft=dt>cB2GW%lovTQW@>>0`Gj=?85W}EkH=~3io|dqqJG4i<-eY
zvo-sQ_O`i+nT>f_D=N-36FXz%63`B`Wx*qHpOgsq$Go(PC}BN01#RKHJtfpJ1!_jf
z<{z7D4o~0OwQ=5gw6=3srwc|KDJP%jCa{&}D6MX*T81Qgw-@PH*$;|e(M@wE3o>5d
zcPnO(PgV&$tx56QgDCgQ%!pm@AqlMFM&{)NAFc}$7HZ8nX?G8wBbMiVM*4fK&(Z`F
zG0n}vc3pSw)E?cqG`&L>EaSTDD@gE(Ssvt`mN}L+IiKj5Lm*}vX=z6g3cQV#j6MAY
z_nX*B<GIfw3EZmFVv)HLCE>-C?8b~m8%41JMSh}#LHUi3n@3jE82QDsSiP*C$C<Gc
zW?eohNb%gz)M%dfzLQysRbJ;!PkFo7`~d&bSC8&on7_vVy5H7Sk11XnrZbxh#khWQ
zo;%~L2c?#_Hbj)Y)uY6WUfENaF8QD{dGF0oF+pp&3Zdai&lBXM2hW&BhMmX~b`i+h
zz+mi*^LFt8SfrG_u;9%`Uk?}M(r}mPjQ2>h8KY!}_rmJ=B#Y5E(NA3^jQe>TEfzUT
zj;Y#_5BI2Ana=}4Shb=U@^;-)&uB>*EVr83p>ep~8@t>*$%1w=&rc)&T=U2~fA6^X
z4t19w3<`LKM*Zii0&{zMIIR>Pq)gG7SZ%2zK@=W6Ci5sd$N0*wHqALD@w|iTuUs@1
zpWV2kTW&dG9>O83To8`XRL2&~Kbb`2xLy#K-9MI5BWK{Ig?6}ST^ug!iw`=YY^Bg)
z(>-2|kQZ&B8r=4>+o=7^Y8lUAn_~pb*0h*kMMTSEy7E)W;<uCOoyqrEE(sJ~`5DzE
z#=MGRv#iO7t|RBm7yR09ZoPhg+UY7vR^q_eYd;??W7i(Uo=ngC&3x&_B(+uVk$O)H
z#kQZBIWg&-{cZPY#T9KAy={aWBbP<I>WkmJzhz$-+C?|e-+CLTV5cWk<vGGUEOu^{
z^lvgs#dbkuEcs;yCiocldX?iE+(4O!yVgD%y-}pKWHc#yeZ<AA%6b}4dF(}%Y0#pa
zfDZRqxkq)w0}nI=mkQ+N#6<Pfa8z10c@D1GA~aIQjFY-SD12f$y?5IQUHn#TWP(wj
z|IRq-GOAKpZ_8z!+zW>eSG>83DeZ{*p)lSvPt-9m&%bKh<S&>_Tpe{$LQ0g->(1Qn
z3i-V|Y}+R?*`7<Uz3d+GV{t0V&nU?z{$?IJu3W$hWcslVDaFNm2FinYrh9cZp1eh-
zD0#Ye3ntW0)-IBjde22mdELy!u;6V4<w!rr<cTY}(k`dRGfzm@Sob@nWSfyDdYsx@
zdeE?RZ?;GeMt%&NGvS3>QyNNF@xfF?Iz@|Op87g-64o$8j~^4PB-X5a?7zn%GIsvd
z1hcTse2%7&oc);{iu;aH(fX+FBV0^PaU}M(^5FiU0@I*Uw@a(5gN{zu4Oh%NGhO?t
z`^cS%$6ms}sOJYwKFd;!z124IjMN;oDIzj!tv@w@o1I)mQI#+}+&JQG72y*WD`r|}
zX;s%5GShoCs8qXcYOj-W92t38qM=|O8KR+*&XUPImKYl{XX)V<+YKJAbQ+3nuHE-=
ztkgZQw_J#2Aut)}y+?Hzr?CIH(-Cq{Lcen2OTRoP_wK#JYc!T@PV>)PHQ}=UcEVic
z$bqL89rE&A!#xJE3tFu9E16ny1=t=69lph;_2;O93BSr`5S8ERSsAMwpRSF+nsYH)
z!fM9%d`cEe{x@=iyVkgFldM#Dxtn?}Y3>|LK~nPrYDn?@0Il4)+VQj?k8lICH~WmW
zXIPTMGPc6bW_2BQ8{)Uc^*r<n`I+!j3L$*J<eA>(g5t4w@AhF2hU=;6UDWy$*#kd?
zRhZf2o!+zPvTs+t<^hAUI6aj{j{p5%%)_y5k7-ipOfBE)nQ_Qh13^OcSgsvfMPa-d
ze!f3m$E_9VGDYlS>f3kX3Bi%WHSKqDvE@G0gG{|c%=K1#BSOmZ(mcJ21tPdLhes`m
zL4lIw%Y;_?)(t&a1C7PICVFIVdIswCsG9jFHKfSv1UvahU(dE?$=9jmF!YAw-n7I<
zSLp;cGs_HFMaokS)uQb1_O@~Sfq5;qqsz5LODagOly;~5Py*JzFb~k)_smRsAZv!V
zT(@Dbp|IqOhXLx$&eb*Zjk}~C-m2VnMpSrzkoWDy3rpiKQ5cML5#@-|+=Wl`uhtZG
ztP!Kgs5rjS(|y(4N!}u&tffXFKE){J<vYi=yt1s9XM$v_7yF%-EWBP)DInfdI=RC~
znYAp&S~A~ps#>6++gvO1>C&2%fQ_QfV}qIttX5nrLl?XdJ#b9`_1Yqn#eG72=MQi>
zS~9q7=8*#54!zN8mgL*J_*E<G7O%LBNec=qqCcd0IZfo1tu2}(b}f4_W<cz>x%LC<
zOGY(iuxX5Ly`{*cpF7WVW7>?rm0#o-D?;nqWlVYV;;Vbmgc~kxRx)9=H0!|-FPW%<
zWOG;d?ua~wd06>(DrA;zS$TBUys7EhW!mBn^g>^!WbLF{oK`Jez<fBHEN$>gyD$Fg
zF-44JHDw(3o?rJw2e_(`xolqz+o%#oLw8JQ?(KAZVvl%3R$3;_Kd~uWJUSw;H9CDO
zXtBF@@%xr_yD-WPllL<dyEeWdf$t2|vT^SHhku&lCaK@xse0>OWFEA;JFH-Oy1+v-
z`TNT^y)<l!&KkWb@Kq?;wr_RCD4Qm3b!SJ@)|9?59nZ|2$#uF}*k{VjLwzi-d-1!^
zm!7y@OWhPceXu-I!D_!$kbLL5UH+R}f)4iaDx{Q0gq?$nS%KHHMyVUkR*v&>yQO~3
zq314q%?#5GE7(0JC2_(p_?}Z2Z)Yz%tk`w>%{_N#>3lY3dC3E|ep<dbsX-GTy1K`m
zcj`u?Xs!B<H)Vq-*aZa5jTv2bJEG2y5_d0Ia(jLMp@VZTXjNM-v1^^cC}<Vj*fVzQ
z!c4EgdIO0aZPc5J&qKXz1lKPa<0LYRmW&>w=jWagvWvzf-t&n;nut=S<EUHp{O5@r
zJG}#5=az1EO|Ee(KdUn7o{D$xDd^F}DCS<sJL)Py|Gr&hY*1+1O8-ZC`$x)cSfP0a
zS~seP5^v;oE$h-L2+!-5aZ-F*7gD<4SQlH{q$3zLQpP**#;@2t|B+>f`-QwxWWCE+
zzuWoLI)x~*Q`%!6Gwjd~3uIMN^|i~Ix$SLsWaV_#LXiZD=E&00x%)#&HL{XzLSwyJ
zaLRjHV-j;QVYzZ9yO@52W9^sV(>(HGUvv7rUoRyxy-g@ArqtehdOgjjm9i;L(gUsI
znz}Mhk9@V_v;2>0Zw`0z(X1DIq6eIIIKgfmd09EdKP2xbt+_szb`;z7XgsjjkIGGm
zUX16A9b}7C%wN;5cF?}aptRVr$384*zjmjSE16|bZb>Y!G%#2loNzOxSHIwF95+GF
zwZ(f_ag|6&t$tPQPr*6ooO^|fDT)JVnO`!<*;(f6B>AiI6S8bVYV@$dR+FE0WRst{
zq?NHSM_gT_vDQy29q4#>-9k~}uu@iBdtZ{Q%l?%&>|!EfJtjQoNu9yRWL;#0MPu|I
zEqj*8+JDT^<$Qy+*je3r($@GF745^Ky8Xmq!B^U;Y{&RBx8;Uk_b;A4f#y`pscgnl
za~|G{Ia4Q+)`K=EWQ|h=w8|KwPC*H)J6xA6dr>j6`IxL-j9*qm53(>*`L$oU`(n1t
z`Cp9ul>Hs8zN^<S%>AWk?DenYC$2nYG|da&K2O%RKj}R(eUGr$KuaL1e$%36s)i{+
zzjUc@=i0`$6mplR@AH}Wh_&;a>}rkp9vdmw2XX?XwOVG!R7mm{rPjRjH;B%P<jFt1
z5c;!un3nwg(u$yGL{Z_*dv!R&NtY;ILAy#;RN>C$3cT88>K`(_@6bWorLAq_6HX0w
zmbWqlS3CLWRAmp$y#a0B!t5*5#ZAiB{nrNX4+?B?N{CCDgafthiaLWGYZtfRi(*aU
z;^MCpHSFdyZiJ@x+U@g*Wx2d+-q&KG{+q(Yn|)T8T#L;7^lh~J9Sb%HjPyG#IRkv{
z*VlQja=6e|b6OA^?+prA7;4PP^5}@GZmu#;Qh|E*zPn=%o)4Mfh5i(8o1u1^o_l!r
ziB~MWJLv_8>*P!Sy^&j0zIO>1eZ6H=VQ8*mT8&o4yC#Dw>iPEa_?Il5TWgnvS4C~B
z$}HP`zTTXN23Bu5LRvJO@wzp2A90Jx{OK1}(<%on+(#ei&B^&8CRf`7Q@&2`m{O;e
zwtq-~0`=*>GDYs#`L^uxjEv6QG;ve1@U1F#z6|!Us-51oJcT&C-a*|2p-85O65)p!
zr(?`0=Lvth>OkgIj3mxWgtIn=?b)iFi8sY*7jTsmqK5+psvUZG`%AKuZ&lULqfAZ&
zgyy<sjcVN}#Rs_5%0Fc>c9IXr_x73^NDmBdU2)e7V;~T2&*bHH=`O0-DttFOkRVUp
z?XahkdDr!oR#`u0cZxvQ=7w%<KbD0!K9Sa*HCf=hMG#wRB&(D5Lh&$yE%3~@(jHpf
zp<Z;PlY|C4S?TQe(6?%HD8e4vjDK8`_j2&1Bq$ZQpc<T3`V+OM&nCt9>cWkQCL_o0
zvwpgi(3!U3K*WZuewUNWOmVVc@tOonU;m@aPivJr&)b~p;@OaKJ9&>-HYnfmU5M|=
zlL==t_e&>OiCYq#)TkwWmIB$0Q=4?FF_G_FZG0C5P>M%{lYrBm+w;ScYlJRYUB1a;
ziCxd3HvvDaerf3ZaaW0p%{3?Y4Quvm=irj-bc%8ms#pz*S)~oiN?n3(c5L@RT?=oy
zhUYbgrzEt959E|-1Z<P}B~+Uip=T!cYQlS1jWc&muf~M@W&I8FP5cSe2igI)sYA{u
z8upUHa5+uEM;oKXLvrnKRI!3?wsd-3u=H-afrrw<Bg)x@2hs_cJeQ?oQ|5N32>6Y%
zhDD-f;!Tnp#hU_j#-zns^@zSFehPN>Y-mi&DwVa57G0x0RrQQ!9-uS22vHV~!N#_a
zYb$!P_o<|fW~R7%dAL+9I#Zc%+i<Q!Bd_FX&-_@0-?9tamz|auwA`Ddap&lKXC1t@
z9bv-pnDc;elE^lTyz;Zps$NT_L}mNQMFgLgaAX|au9UQQOwCMkLVu`qML9V^qJ&vv
zJu22iZrI*%e|~Q4JmXr=t^&G2wf}@i$0n0*gF9N)&d;s7o|Lg}FIgmf^x59m8TC3-
z${SoOmWvigBR4(je!OP(LQIEhx1ix%XLM(j7M6<iK3Myt_AR$!RE<*`zfx<ixSO}#
z#KvMcI?MMal{@GuCSh;CTHDy(;X!*n{Ek{P{<@{&W~ju8rUjdBa18KBDtX?$+F|Az
z;j=>zmhY2GY%C+~X{ZViq`j`mLWeV*=VYZ!vUXTxsgGaTVJI$<_2ae6^<D@oF|Tx$
z<itQZfnFE!sv*;JF8<6j7Y~{KpOEmaS0l=wMeugVUK}5{?QcC@ac;BfdT#UPQUlGc
zI@Xz4M+LjowrS*xWay{O^apC+Zh?8fU4Et@Z0i0)m-Itpo{DR{BM{?Y3v}D+t|r&m
z1vxz~XWE~*_jE#+q=Qv4qlMI6xJ)O8J~4AriYSfB$=q_#V<c*8=2_>+$sT)kj|tkc
zh0n6>qJ?D?IxsD)1y?B#nQ!-;>yT5FyyUjn%W6qpMjSHJYbtiCai2x$`U^rNW~S;*
zGq0e9dE2Exc2UxKjncW{*Az1m;=SREi=(gBh=x4p!p<2N?HbLg*iIBAw=pnq0$z@N
zj||fA9aEJTzM~^Pa}s$u8WPpABAc#7T>h1~J0j<G<+JKYyLqpPZrdtyue$6$?x1JI
z2yr+vIz{ZSaVg(LPEc>|<S~!))<traS!0eDO}*5m@5adW%@-Fla@?DHbmO)Ap6}WV
zm*Tf;>6hS(tjkcA;l}$z+x5jGJ6oH&UP#yvf}_pvZob(U67=dI^|ZbH%{O&Hk%Xd(
zv&{*DqBR*TH)nSvM-9EW%FK=DN2zDSPDQNh@ew=iTh7Kj3yEDEoe^5It0SyZDq#$|
z%Y4eS(m<Kb?d|1)dq)amYcl$3#V&^7WAwKcYOTllcQ-gKu<hTtSkK|ep|Lu1Eyp7&
z4J^&N+v!MmQ9rgx%hZ^qx1~XCXF>X7k2$C8!@E`m7c+z2l3Qn@a^KD`-d`|z)Gj?Z
zm6O!NG}y0IXX{%iwgZzk)Um+z&Yenf_Mnz$0_SAuvE>;P9V}@hOs1(<K=bz1XQuXS
zQFvyw@J5NNebJm+Zr^D{_=u=_*@>u9fR}z+ixZpLt6$e0C?k7Obt=O{>dlR!rtl3v
z)cdW{@oct!OOAio5gTQEbAG0fY}#Ybh)u7EjY#}UUa!X5U1T>p-iTeJF;J0<C%aWs
zgbBo-gYm@X%T$D$Mkh%M$91w1&Fy=*h;T?EZKL|qYNNq-ce&ULzC$@=J2P7QGihG#
zb=P$nTLq(!Y=x~|vr~TOzMpQ>&#j7FUPD`#zD_T_@%yBAiXnABUfj}1@~{oBuok5~
z&6|I1&m=|7t?f*?9-%Mt*W5w-iwDCkcsi$%!DMRk>2uxH=ejOZCkpCb?=Esbn%~v!
zo9BDJcahl2qSdGC7Ts21l#?ZB>6@+MT!Q8D9(G#$;x|X`njckZ8aqMLrvCi1eIrlk
zzI$Y!%Bg94?Sg!h#uqxblu|N+o~N=8ZK4UUzgFXUyZLgk3*ai9DoQdgS$^LOi{~sY
zjX1Nf(y}(3{?oSK4CjMoEd4!3Joj#My&5;FU?%$)Z9g%!*nuFUfWma!gy;%awT@Q|
zo4h*R%ww3Rnd`S`Zyl;2XNC*<{#ZVEB6ep4cIcpB@%&6?PmFtW^*cX70-ZsUWc6aQ
z$;llis5ezGgq4Xbo~kGjxsi!5=l3AQ3Jx(f`YIO-o2ZpUL~gcK&M?s4HLT2VVP+>u
zekn03O{CNmy-ySLsTP>&m6ghcTSfBROvE#hm%Hx;{4rYbJ+i{r(|rvK%@{IG#*|!P
z9D?mqakfRYbeZScTLTi6?bpr^G;2(n%JumkjZvTmC=3nz9bZD0v?wy2stZ29(qYA|
zJ*RU@Fx_f?RG|>%7OkP;j#!6>93y<p9Gz(E@u98h$BUD~DA_RznpWMn(!i_510xSO
zqnXI}A;%IKjXk<7cJl)}WIvO1y;MM7COC6pmZ-2}_>oJA-F4-oTIGcy`$e4=G%M}%
z+BPhVIU_Kd=N+KWqAdPVJY~R;5^Lstt6`nz)<n!Y>mg=GG-gioh{NT2Ba`o)XmMoP
ziyDpiJXh;GoI~NeGLeuJ)-8@`BHcQ^6j@B_z$oKLH3-=)7zqwZV2j}GCgN$rcpQl+
z7{c68iZ`M-Wk+ufyIR2!pK3&QZ&Mg=RhM=cC$`j}1s?rBr8vuO=hk4D9T?e6#D*2l
zIkc*RBbnxwf=CcI4RI8sO-ZOpZCw?+@HyNzU$esM+`eZMeGdLIM&$JKhoc48K60#i
zk1Q#AeZcJ|V<fmh?m@n;W9fQ!l}cb{dBCPMxsn%$50VdS+$ET6HDDbz?$$o55%K80
zDfotTgj8&!&sjUMUnJU|{H$S-;Ii6S!eq_S-4+swZu%m*_B$xuy7jI@AtP{IJ&|ze
zjx(<_(pEV6=uQQF-X>Z5NSZRGjr-b9W?*woGFP{UrWCwlVW4@+(ahfNM>a(N&5Kjw
zX+-3~D%cH?pMyhuCBrv7AfeH4|6fkomvgHGRqmVSI=zi%%cpur({$2=39UBrDr_`G
zn1tYW(LxAUG6js-k7@0dwhZ-|J{pdQFi5BymbZa+R+lKwhUS6TZm7dX9=agJ4MarI
z=Qd5yb#+ZH8+FsksYj@jE{IM7=^@;CvdxUp%yVC*$@a}DWF?cVN!5|mt2>FJx3Y|@
z;eQ>uf*4-H$%>!w$aI#>>UUSTOA@biS1s&Bdd<qVBxW9I3~ymJojX4=eSbdYb|+!N
z(`#q(#8HZG{8asw&Sl7*T{)LZIO1ft`<_nYO(fVm;=Lc!LKv3S*Smrdq#6s$VZ)?#
zRCkz&GH-B*D<-_Ly}cT1SiLB3dnQ7dppDmKh->{Ck)-L$QpC&!jd!3k>_{qSmHTKL
zh|SzExFVDUJt`!m1BrLX&9Hot3D`xv-_~)lSMoWSXq#Rv+m4M&5DW3AZxqyy($F!U
zBC_rHq?c~J#^yw?%T&=|F$AAmPDc7Yrn%1EWQhsdMcj7=zN+CrZ%f#jw`IO^%4Fcw
z&EjdD(qW&75K-Z{gBvuWX*KE(C%lPB(ye0HXuMl#!sJ9x+&R0tDy4MeCKK7hL>l4B
zb__?3SP5^8NxBzCbhMOmnJ5~}yky<0VbfoS5PgyAiC^jw6*5VLK&%plXYev%LvkHm
zN%G;@g@_^@cKjqRqRNJY(Jqqgdhs%b3l=X=?X|lrxse6#)7q`7xdIN^(c(BX+~Pi*
zlcGf>RLICQ7n!caD)(X(y)!t{sxPawnh+hF4o;&)yd$k6V2REC!eQFRV^@wg-hIL?
zt$XBoluDuNCsNp0l@tc%MfYR6U7ch_p#(kDki^Ax7&#~+R@EI80-foO*)Gq;oxV)v
z`pP#p3X<3KA~@1r5}LBIiios2C<em^IN+eF&P`#US^XR?wicGMQne9DB~fu_iG@gL
z-wlrBoqUcc^GX_y@a9%pS{0QOJ;Pg3gRG;|F=y21bi^dOzOBmC!nQv(9V<*1Fr0&x
z%(R-~3TWApNvOnxyNkLBW`)Y$0~@Tg1IdTxak>`<>_4i}5iNEu&$7DSgQ!}_!0<8!
z42|MF<*O!Llesv;jY5Wo<DINtw3OM##mN&}y%19MWoldSViKY{aFZtVaQ-V8Xw!@7
zd(7j6?G6s<Rewy!Au7@FG!eI$P<$q0N`ez{RG}h5Cm|0#Xp~g4O)u)sMwD4mX@b!t
z<i1BvFkYAL32U8%)K%H?<S#O;W*8<^K-)+yZ$y?36=YLrgqt3;w*C|rc6;)|h6$#E
znr$GtVU<_bk;t*}E5{gN@xg6d#CweCy}J;_kY0qmW~xSmt-!@yicW;i>zdtN6-y$*
zEETY1-Qh@7lcu<Ys6t=)2Z=pKWI>WjG^e$t`V9%C%%`o-VwhADk>=6NkSLCDNO&57
z+SrC8;?5GN5jF8Np(!}-UgP#+M0xP8ypxIeoGExRK|?P^6Ji9~Uh@?30#7}7aF~Tv
zqWpr}i%sls{S|I>o22B;e@GL0Ghs(Uo_FYwP`f&n)H+m5EgjLllKXm!D;~hykQwTn
zt6w;LwO_MKr*X}dL%|9SUGVq0>HU%;us>DGQ`<?^k2?@-HA$JFK2GH_Fj=El%5Yes
zIGIA*gnD-o+u#I@A+D_EVhUG0=Z4XGF!!vp7?@FNGuKGIlGw%|$J6k3>~|}W@a_0C
zoRI?^@mx1kM-&yT>OkbFB~(FD4_5T4D_e4Bx(+Pu@d7H6zD)-XsHFR)2#qX;=u#Qj
zg_%q3CXiiqcS-WQ7mE?wb?MIT;Y^y)Zn`&Hen*E!6~Xpg%l&!rdkfUIB`WTe-3Rb`
zF+(<z9ks%HL|jbdCabwl*|4*X-`HM{kd()%&GKWtm|jY$0BMHTkDfhBW~0$-deNa>
z6Eys4ZkezE=}uNSM`gVa!b`8gJnWI@VwK@N9}<-V2U})#A)Fa|8R$?Jg93-#4vctV
z1_$d%6^$iJ&;@kYHWrFXERGg_O2bn;hB#7L40ZddByQNtzBHOpwnJwDQSkdU{azZ|
z?4n7i7*UigPWgo@=<I$bZQH|sVn*5)H@cIRmezRv!v4XnS-(*FdVh7~;B1;=vq~xo
z6~pDIjYwl7QnCF;N&21bR9r{(V;V;yIEjRGiW$d*l5APyRHSkSE|Prt_X#I{el{Cz
zi@#6Dq48~#bi0Z4GcZRTMwI(BoB|h<E6zp-c5tz~gGrK&42pdt1M4NgKvE}cUiTu2
zUL6P~CkAmMQ%bP|6i3@$G}DuT=FlB`5c%;^r+C`ttNGCzStOrv_=|up-Fk|PDQHFG
zD$+K`XU5vGB{%xISJ{-+<><=nuXWD$N;K?QP+`sdEps@HHU;yYuKbQz`BQMHWlAqe
zMA)iUI9!g{3TN2VBeZm4MF|_TtBeQ#Ggbzf!(~utY~vq-<A?~?mqQd}ATz9~8hto2
z)7lbW`lh|$Vl(0WKHpuSLv`2Q&AxZZuzY8^)m$tuKTW;zRWC)1h?Ml`^3sAl`>t?A
z*YvVgH>~NS5rXXtk;1i91a=Ql`hBlJ<cx31Q+F(JR|_|s#Xx_nCk$~Ucb_lNA|g@w
zX<G)EnF5LNB;(-c7miw=u_-;g_6;v5r8l?wp(k7jtmfiWCQ=k}@ox2`8ca4Eum~~1
zNPP9<D;(iC<z5XpI`c}2Mh?k0yOvi)Pm+8fOkBU(stTKK#75b6mRziTV+EXwgpu!V
zyO>NVTQlJBTuMj2t0xMQI<OL*`5d|GIT-P&Rorm3U~f2?>W~mBoI0A|XJr!_W=e5S
zV8e+D&JKzZyDxDxshg-7@>TH32BDnEOhOaNJ&AQ++lcVUBzZ}4BgbsQH5G?kN;qSB
zQRwkPwh1zIAT-*rYi;AB?^!M#MkJ)V10%sKW%5eWYg0-5m9|RObY=4$jxq^LY_}Be
zEX3ZY3FE}$PWIwh=jFluK$$}=4%>VI*6U99?LC$%?t3d;wy-hMDb<->lM$_^Hay+~
z|L*7eZubTnc3aPD$>Th)>9T(ppFV9)79Tr*-qo>oWrw=t@$9LQwijHdOp?5~gYaTD
z>Y^OQ(JEfC`NxNu2h9a@e%0O`=2saXlCRWQbVx7tY(v%H`WK2ky(dAwMH>>VnPJ1h
z$erAc@b}2j7u@i-(IgR^?vJoeJmHH%6LgCaC!z2O#@up}<i_W9*Xyy0ZlfMqiSFU5
zjV0VLx3!Iejx&AN;R0-21>U1Ja5f*NJJS?WRxEUN@A&S(o`z)%^6=nhvRf-g7*3Gl
zm@EeNXJJYg6%Kf3I7A61j|1<fd!h1E)e2mK@b?<=*#k)X(QOND5@MpfhE)r%i@<%^
z7k<K#-OY)-jnja>+Fgm6xnUx}@L@aU;kLCAH|kpv_Ti}TOJk+Wj`rl7jGyVdsDA9|
zuAO(n>#QY$kKQaoawe%ez1HiMM0IPwqu!0!F)W(9q2;mv3jF#k5?sw(4Et@uHNKaj
zgiqd+BTqzkr<||c8&O{5F<8|GUVZ<-%DmBiS<?@(NlR9dx`MNBAB?bJK9NWuv#*|u
zn7sBx?xKBFx!&2uUa@ITvG$!ikMz#_ZfF&HYRMbDX!8iE+m*3)E=G=%3JLf7J=@U+
zvnvOKW2$i5z^)v6t(bwF`N*Vj#&(4%m3>ZwTZdPP7C270hqF@QIv1J(Y1?v=T_R0r
zs6d&4cEUlPnr&56(4(=ZHqUW_)=tex6N28(yD%aXarUB$ip^0MWv!yN?Tu~D@*6Bm
zA|I+<Gl+;6R-}b69O%JFh%e_293jHtQo=X|VP4sFIVN0u3eHxO^JyY<YiJz{Tkqmk
z2r{B4&b>-`PV6nYs-AHAc2}?esr5TUPo7mR3|(67-hqV!D=6qOq!3c<Gt#!gRi+b9
zwGd^EX0QIP-hZym!rMdRLyh#Y?S@rFzpU8bu(t7ezVfrSfu@5SR1akRYy>xqJe0l8
zhV~vT5lA{zd$G=R&EWSZ938|@%k}#DFdDEEar?$1%dd_39Sz7)8pq0n3<>fcW>OXq
z6{>Wr5%@f<RgVT&po@A^7;(<@e#=H2>UCq;@>et~bairZI&9RYFWZVMU_TH6SIVTB
zUJNUo)0~lsh*_lNl7?`GbR}iG3ED%NNG7xECM~^#tU~6D*zmGXu7rbQuz+!lKirat
zQypkG=4~g6;%t-|8VSgqJ;~?Ga1QCzgBa)dI~K!=M{;d?2RQ^g@^6<o;_s33+pE>(
zi0FhT4vtLK*r7DSO;;;!*kiX~0n%uz)>37LY2lUS`j3)yRZcLDE|U;zOx5>ZE_CP!
z?a@w=rg_Ci5(b!@STA7@^+Sg%Hx6w~SBW3!4^OWOYZB~wYEEtUvF-Um(!KD+a~Y=L
zBl#UhK}Vj$huH#x3)_EP@krBK;>V;n-+K#?(t;k@^^k+y*OKEqXzg9p5^j=sVI)Hd
zHwRIv>%d6mPT4n#!Wl;kp9T(5FEUK*C~nY1RE-idG{)dkp=;D*ii@)^?C<7c(q1tz
zYILWBR1!uxaekH>J%3k+GAr8>w)cw~%2m5M1+G)taDO^tL~$kY*Vnuf5f_9s-ef6^
z1e>B<yqCIv_uH5>vrE4j$=Ibx2NHF<i+wT6-MeEvyU%*)2tCXu-_`uJW%-U+a!(v*
zH15s4<#lb|@+wVA^GUjT$V|UG;W|B1Hw%62YjYsNplvO+^sdIK6x?u-MCZn4w`Jto
z&=!+B#Z_UhBy<g&gdRF_vGNrhiFzGt24<PUm~e<9;>A@hG&%R23)eGzgVu@|!L@Cb
zCP#9*l88v9k|kO(Qdv*0q;2-0?zq5^m8(sOwqs)~bV|IiSdSic)PqLQ*)YSvBvo~o
z5MTRxsVgSVha;Z)ga-{I)u!svop?DBG-1kpZ~2Eb!f1yfMTA#|C&6hq?H*eu{c$F9
z2>QUv`<^)B&BwG{<}^1VSiNg}EXDU|Rs=Bw-x&IqEHz}l{OW}@{moK^zYg#O{h0AV
zfi`aEt@arU@Va*_jJy0R0khBOOat4@MODW1#(FM$PQqfh3rQ;J=F8h$f<~41+q^Z6
z>1gx}ve~xbP|ek#)WPm;ahZ!+_wBwumUVNx!I~5n^SH>p1sPM8cT+FvIVJ;3u>$AK
z(gvAlH+VmUt257Hmn{ihM0|UkP0!?^p<SEmrG~q}X{*?_ME}_JE!vSq1f|ryt0aPH
zHduHol&;7cg;R^uK)B(+(w}d7Pgbh6la4qYj~LvLRWDy<QVCrky8~@5nT9KJWd>YO
zHxt7-l9{ksd>5wC00sUC%~Cz>K@%A&fS$98YXP?m;J#D*#8j0o^cIqE-7J*TnH9y+
zxE#aKqsy!<yoaFUY2E@1%!VFA%%R4ggF_9C<+)BdDM=I>LgcPp(H2a(OeHW~jBnCl
zJ73`php<W!5^NNaG&+GxY)4&ij#Ok1?JiuzT3{^Y>)u^ZO<6ZR@#~%-#X<SycTcUa
z$iKz_ilhBkN()3pj~>a3{7p-xlH0>hs_-7!(B#*m&`m8K={=k9pu%Q_LHsZB*r&BF
z%MPho__n@H)jKMARy)51ce1(bPE63r1Lb2WeTRDmiUW&|&Z|{zys%e*E)!_9hLJ0l
zIoz4CaFfFQ4ZVKxw56%%PH4S*k?6m6PlS^;FdBRtJzcOws2@6=6;(66ND4If-cyZ;
zuTLwYp+GF*V$GGn^;X18Z5v$NOB0utA~t<P9AW2&G<-5V0i(=I^}-4}PjQ{s6&YeR
zh>zm*T!{?qCSoNOsVL^Cl#=spY<XF|n5;gUII#+@?!`>x>fvr6tWgAS1NRSaL8lJa
z%`CW5REb{WE5lh^*eFV<H%<{yVZ-q;%tbe^6y4JnQH#mj9>*0dzZUcieM6oQjnBei
zc6G#7&6PeZ)}RsLA0bt_V~N-0p?Z<J-4oK?$5*~0xb!SatBT#*#4f52+dsThnb{L%
z@)!<3&~Bpf9+?Q)S{M<kvLm6b(O!s2p69Ysyaw?`BL_ND#LR;x<bp-vmJm*3v>MTP
zQN<OoO(m0Y=ep>@&gfO%YX+7>j4Da5o~kmrL_SlJjxSUcAi=q+rMkwX7Frc6>P;Fx
zaXt-ah+wuiVPuQbwz|;;FvTVC0I9MSD{ReBzYix~26`no>p53o$jp%meNNwm3!(-+
zawSy|50`_5DGVgqx)g!)C3bD$E)pu(W4?JY!i^x45w*^OQ_&phOivb^f@pX)oVDHA
zeCy(UW1x(oX*4CApRNpzuH*4Enz#xZI>ItVd^G352yg6Gu1Gnl`!cbeL>+-Pgf|w&
zL9WRY-`pw@DrM5d-|%-CXINvs6c;15WFvIIWKLrX^q#gX`NG!d&G2$4R~U}HPx*gq
zL8o+Jq+c;<ZM|&Ntb>T`4u%G2oi*P@A^k3hR-D6S86m4GXkru*iN$bTp>ZD?73ETr
zd{pk8G(plEIBnVwAUmqK!Xvy5j~R@S)Vnn%A9qo9{Q@_ql;H+HTg9pdTZiGO&|W;G
zQGT6tjo!?NpTFCeCXU~3%fP0MHYs4>e)3|QUK2vSbsAy|ofdfjY2C|TAD3u&sX$xr
z_Och9PYWVlg4NrK%u(QCxgEN&FK!~h7Ovvro>w{4BXjU@<nV+IQdx~qE-RP${eSIU
zX;@QNw?0WAKo~+X0y0lRf{H|<4WJN22E!CUtx}x8YC?qySSp|<kx3&)kSLfc9EAk!
z6-WHUB0?1!v_(Ro&LV?MA_5vJV1&B@wY}f3`}f}G`FtKBoSePSUTd$t_Ils7_t|T*
z@p&vLr!y1~ho~tO8gNS<fB-_<5Yg#G##~oUYLicFMk3P;0&s}GL4gBLf&S4TH>W|W
z0Z|RSIM0hvt{~5yJggcB0H&wk>Ldi~M0bf4n_Y*RL2y(^LvFq$&r|hd+RpL_7#L9e
z(h*b>m19ccFiox&WJmrXG1>5DS+fL_$X)@M+z+t`XJiihpc+$aV)%!i<^jkP;M!L1
z<LLB}kjyS|s0T|UK4h$nN{kL?==x!{5@~vJEQ`ZC-Cu@fu`z%tvHM9m0<9|%g;uB9
zNG_DS4~uj|N!n52Feh7b{HO*ExB-T)q7eQB@Do13q`&4IjG{gRa^_890}_czY!{`=
zZB(2zIaW#Q*n?tWq$?$;=Gh{Hq2T}~!}bFjX;@jQr)kMHH1mQ{-o-N#l9A@PctopM
z1RPfjSPvNaKDJ>i3^n}*Tk9zNs(k}gaLPs9q}RTB5iFZ7aVm;?9I->e!wo;>!3a=7
z=Q-+|qJ}vVN3#C?^3l?zn#<_KI5&0TLA=FfpWos>hCvgVh9g;rasq0ox=b=AdB6{A
z$<#q(gzN`EdRC%SG-O-X>2VfjOoAd2!qZ^qAnjWhjt}ZGPqvBTBemtK2{{}X2n%yc
z(WmAN-Zx+_*Q#NmP8l#MT}SWm=H#}>9`cOy<hZbIh`?~992(Nv<U~VGDoKhxD88Uw
z9AbMYpp$WzUiO-8cx#84jKO=Rl-9Ts@0LV`o=Pdhl-xPSBZRi;g`s6b0*$o;vKp)7
znvbKjz$Ch7Sl`xb&m#?Y2s!?c0U*}Ut?%#&#0s(#NiVvW$MuL|@1j*-C1ZS)z2Jge
z*jnOP3!;RinT5|CeahEumC%!+6Zs|gd8BZ;93$^4%!g`7Z{*nRf*9kYze2oFHq5v?
zp#Y8SSl%+uviU?FWMF6~8&RD5S)ShLYVa*i3Z7BHAR`kvm)J1VCjY)mahNX(LIz)w
z1atisKjh7+u!aL`q9ev8<+d=wwJMy>0EMEDHJB)~C+YbPhz-(|C?T~=WR<)@geU}C
z$Py<$gWw^i9E@x}UrHYc)NDd}i-^sT6*9135$8!g*MASbr}}&{1J7aOUD8s@aSUBC
zW=x7bZ)z&Jhcfg%=_u^hff=_r6(+C}MIlW)O4HRi_s?NyF!24!tBcu4(;~zg=twNE
z!Qp<0QyLSYfSu?lrC?&a%bZA>+0=87fz&o1_IDp_z>$&_LZvo?4wT;JiunjouBRt}
zt*{d1fM?JW<L5i=C1`{<qE>0^wjam{5+f}3i{O>n5-ov-=Ri;c&ZM7`7z}<=ZtElI
z;%hFB!;|d_>0Ziu=Tl=6Ein?!R}?NE14>mr;&DKf8Qzq<cv_@elJ+IB0%!R%$l&%&
zQAkIZA?)Vma)gsCtgPEqx#KDCGE9~`p61GJlfewM5=1A_ttIzG0F_0V0vuYboWs!8
zcl5&nDIyNBF%OR0GT&tvMNg~7mZt4NaAV;2^#ihQMP#H1jN4P;C-7r&bQ+Qw!NPOh
z(RKa@K9Q|YQ`c{1uAnj+v>u)oBOBYQt6L2_>XbD6SQlTnT1d8Jo1#-|I@;=8*cu(%
zc`?9qAvc@o)}bN<7gVgi3=&2~zh@9uHy|J7*j`a2@<5+%Rf*sPtYk(O@ZKFMSblbT
zi~44c8zW2W`r;_WO-8Em0Qxvsj;t;nWN6t}%u})TSM}y9Fgk!gsfWbAGjq0%RDnG3
z0KWL}Ckom4m+^3Q<|eI0F4rT{TAFZ#P#<(<Nt&;MH%Cg*Q8pku(jy-FA9M?nC5Vtx
zDO-wdVIVN$(j%`mL0IndL25&~J%MVL6A(?0BA!_a8yRfp?SkoWR3RdQb4R;!CnGV*
z4G2gt1~%DU(&Vc5elSRkIb6)~=@ww{elEbH?&Cl@xv_jZPp_qfskt@TpN%xrc98Ti
z=ol=q)+wXixnq_<HUvT<TPw{s5KmP~|3qWVHnq1QJG_s8yVW8g``AN_yAr1~jrl;m
z)lu|qpd0h#REis8Cu^ALHn`!0BPDTMj^)p|m@0KLpc2_nyER2Zc1Xz&I6PJNpg&mr
zu-I*wk&`gQNbnMA<|OpBi<Y_~&%c*6VXEFJdU+;Zm6@%EH<gkmgiPDcGohV1gfbxW
zf^!EpA0n3~WM1itbGlm0Xu0FOE+Fe88GQg@*iHfj)0Nv-<7y;)uD}qZD7+kTs7j7e
zO2tU5RpM&ZdE|%Q0zCil(KNE*ZZw&3cMJkRQHm1vX+J6xV06Sf_t035=QQGs=sVHy
zl7->9`@UV$09hvhDzU&KSE;D}S`45IB8IwnbK*^DNPH=YM{P140|I|Q!M_Y77bzlx
zfp}FyjQ@7BtMG>kDw3dlBVPc0Gs!Z?ile*uhfC6;M}ybtjWTFRbqy!Uv(@m-&C>5}
zv)^)jfk=i<T!2p$;36?~ufoOnd6GudN9+b(WhKloH0v}C$33MtDiBA`g~t{wY7xw>
zDFm2`w4*y(h8a2n@EcSyb%>$O9%@1?`x_7^a1SDDCc=zIe6GpEdx~EkU+r_{=Y0R>
ziUml#EDoX7Q5zt7!912At%gN?f@l_%Dsbf>@qbF54F+rI`nM+nGithmlXX{%^!;!k
zuEvEvz_<g7cWZEg-6r7QpZ|brzF;J{OKp8wW;~PqA>{pRjPGRlZQf<AZt+H?_LqG%
z=I3)aPARMV4ZoA<Gjyxld8+MvB#kwJBHnSVwz_DLF$;g74Vlwkuw0A;E3DJ-ZjQp$
z=!%u#<$3}EFZnsrQB4(jd8A=BA3F0SMEYACxl#JI2h%==D+d_bX$qE!`M*RM$Y7B)
z8=j3xoISwwn<ZB3|3sG($-7sO-{mk74c|vfv_V*eYP`Gl@aRIpLX$ba*=5XAp8aLl
z6B%<^vS0StoE_+Z;y@1I3!ef1`@U5#GQ%t7*mznsM=v<G!gAoCzU6q?G7E8VED-4y
ztR#AG9_+6Th=a8q5UOp@mFux&HRd$~2fu8&CCA(@+-HNlikJ}H`2{{=O}O1mhYx2v
zx2_TmDeHD6hU$woY-w}GX!WjFl+tTUalSu%DIq)ZEQ`s&a=)gqAyKHrk;I(7>r~yq
zmjH3jjG+R}M6&%fa*3hsk?2Fx3udLuaej;Ad=aglpmv_gD9W<kcb=`E)y&k9+A?|z
zM^R1O!$MfPAVFeyIDa6oPq@>HH)0Z(Uy9S)$hN%OI3_J(>mKT{s?1&-x6s6}p&7FC
zVRpv_Rjpr?y=xp|))novuW)=BwGeaTXcS?zIGbmtMT%|bEA_&2BVf1@fyDO_wwY;|
zc7WNE^yHXR5jYtPSo(+3#9@ZEX>Va7Ni!pLD4?hf8Fm#`jyly)*QecUUTSx_nI_NK
zk=quWIuN{$ut~~4?1we6?xV$CL9r)zdRtlq8cyFaDY+hmP^C6!FlbVaSsfUYqAWx4
z1|kAO_CxOp9tOgvB+4G}%+^Q9AEekz*U7znUDdhfI3%3OhUqmtSZg2IN`w%8h+<?|
zD7pn(9G9d*YL!4q0b;~*)aMA$*|vxFoxdHZL|treNPpx?78rDgTp0@aNQKo++0S9`
z6>P1wJFNL@(ZQjRci`nOzcn}Th=`YLnUlaF$X#XE&Dodr7x-(JVPl`S2(X<Q5DFqP
zi)4RrqcMf?RDxTCt$huZ+H;6>Qflj`PHF9@J`~{~q!m(jK_ZL8Xu#@)3)}QoQnXP-
z$RRS-EGBYttjsa*?v=B=c|!~**h>_F=zA3D20*kB#6bEaAgKZ12ZJey0Ye+Gh<bK!
zFfGG&6^gf5Got|)2(VorBoJ|*X2S};vmy)w`EZt3Rm}llv@DlEfS*Jr=MWnsov)Od
z?+RmLyY;JJtyx9Lvhe}t-Kt_A6-7Gd>0x5g)~p;;sp-)~xR^yeQ|6rPcc444w3d|Z
z0@=D~M1tj6xYIgH?d^(qBlNOCM$Wl%{zNN=K^vhQT&C!TP*2E)>|IxZ1z^)eA1l$F
z?vQ19Z}C8RWQ+X}TMI=jiFeP+rZxTfH1cZMG(zz1v}yJ3>zhVwZ;Y==wwo}m9m(UA
zydRrJ@}8+ET=>@W1$X97_q?RQ&EtW)YbRi>v&>vYo<=frf~Jv@ORDUbok1sYnOXmS
zWg5{jK3*~ocQ?jQktXtz8nq5qUf{|eP5E+1%86eLY@T_{OBK0y<*U5fk^BMg_aET7
zZ~-bRU_#ZkD%kVZ8L-4)wJy}=STK!vb0_qtkvsgZjZRbhr;&H&(@2)rZi{0kQ$`!@
z|Gu(V<?wUBx3#KFb!iWS)hYk}we?5=$NKZL`h4!$ayuOrp6%RMU(RU6N#Wi19yC%r
z9^P!IZdpM;?D<wVtz@QYB>~X1=Gmq}<?5z+3B7yNMZCwu)qfp5I<5k-!=^~d_3jRf
zRrAffRa4woU|gVZa!c(@^>8m#UkH2cGfM-SRr_Zjzj>TV`)=Z|(i2@StF@r?m;aQe
z{9QVt@8E<3c{KD0Xr*>S2eeW+WpvtPipzaBN3E4TISv_c!Tj?D>k(0Z6>P|UIjffC
ze)nv>JJr>JWYF-4qjTA{??28;*>_Og+04q#6Q5?~D1pNNd^@8u=N9hgqTD-cOS#R%
zQ!BY6rNy@QY(S)PzZoUX^nhx<$KuZtxOZ6`Gu%_|FZ=S=H1bHTkuZ>W^Jj_G`hxC(
zXHCqsghD)|{QJwBU0$m}PMu|kLFAGdk@Ln2{bXw0scUlYA{f1~9y!J?`KL6^cN$q7
zJN0Q++xg~uGW>>qn6WZv$45%xqgi_rvX7qd4Xu%+{5)%|CC?^zs6Ndae(^T1b=EK{
zieyh~M}LLKz$l<KPeA+BcAad~vlW_zKjE=)_V!()2FHa7wX>GF&EkT0r>&y4Z*XRW
zMdlo=%!l@Do-tzKHkS>=&0h@QrZ)X$$@D!1YTKGM+^}N1S9!zZt9NrhD~Ee0q!eDq
z&^I%H)TUWl|CH`MIwAX%1d5+B+Gjm80@S^4F=_yo<1jg6cYm363p6?SAF~8Cv%#+a
z(zAD`BW%&{8=f`d2U%+4a8$TWBi6Hu&c78@W<8M(#lM@iYA2P0I6wvFF*9ny#sih7
zz%RU1w@qyWw#0+VOA}yD>ibJzaBu!=z)_Ox_a2)wWwdC))c#p5S&!s%W_`gk6<IwT
z)hfFNPo7m%-uORmCV=L9EI`+9%Weq!XJY^V{P<rKfth}Sz$rs;7AFRa|ND$?^%0w&
z&)hcN`_Gx%R`B_Mp0f?F!$H(<{&9rs*uOsirar0`{sqE+^>?3t|DSr35wZtC|MMoJ
z|G#fC8gbJ=-_JQZt|R%le7w29(fb8Wvo7knRUVVufzODi(_I^hAEi9vwXoa?BkoJQ
zXv6dThFh}!Y+jY_*9Vp?>hT`I`9?*b)2!%0l=scB9gAGTf>OD|8I0>yvHb5SUVME_
zV#sMZeOW8+ZFb(%=a>Qwlv~BtJrEULb^q)8FIPEcaFPu4Z=sVUSjqG4g6kWbzIC;d
zx`i0u&?+-38ONYsG2+W3Gc<T`L+!Sk&#K?N>-g}Pt$U_+$Ej1=+nPU0k5?p^4EvBL
z&!8?xjwPiHH;$broNhdG$ofT--QM3;1lH*Y)5d;!JB?5swxt(WHf#^E`g2Q=vE?r3
zyM6cLGo36BBr>RoF5xF9r}0Bwrx!SPZVRU@PufNPLia3=_wnlf4tj&vq6$~-<)@M#
z(dw=ocYayDFn#ITz5Z(tpY(oWFF=kV7lW=jY|%sT`b#5my^JUB`qkbN>@~~Xbvp^q
zCPxQYM!H77+j)ufw(&A$C*1o|Y4k|m)r6h9WhCTr_5f1QGfCJx5q_|3$z(obZl2fv
zO~s<|tKTd{DOT6#8|!`(Iuc|shS94D+&P9s&OMy+dga^PA<OrxK5i!X7=%SCc#eB7
z6<XB8fz$*c<4N7VpFD6=wEDcp*5Bi={Pb&p=c%?le$9=ZA1%I6@C%q%wY^h65Wg8*
z+vT}AsfXH1$McQu5B6XxuTguRx7r-}W8As>JRuF%iTB8Ue7C<pUsw}o<mwvR&aEk~
z)V!c~k#PEP^GF7>!Ssr5Pkzg_Ho38R0+rJEe$Sv-*#FJFb`y(uJU^eYr2e8WG3t8k
z&JTJGLhWIpb40bdyz=SJ-zDo-$u3gEFCO20<eh2b>(s%o8t?V4lHTcKf08eHsS%U+
zbQ6t7b0C{`laem~?67`&fM<M(l_V)nr(&D?H`(7OPd#8?dt>5j-b65Fzp69+SSC28
zg<V2y^w`~d;_l_(er-b+Rr1a1HCsE9KfXz5PR?Z+JDz+zwDM*3=C{JQpta_wJCXve
z8w4@Vp2PXK>NeEyUVY*`E=+hx4;{A<BRk`cEVF&CJ&>nwTet50)ui+Y-NSK5v#C8_
zwWE2mUL#zBQw8Ezchtxr46Uefv3B_*-MEkBn^<%BC+f3`6+W`-JGTdtx^eT$`N69M
zl#b+J-@4Z!rkgtUuR*fxw!U9gK7|WkdgN4w<5T;waNoc=cKclJ{qno+fNbu(mJ4;Z
z_S>32tXHqLr>&Y?n7;CY;+!SkZ=HwvnMD?zN6%<P?0VysWG{K3<4H>7UxxQJef7~&
zA^R5{2Qlv4fCauk8!zz83f<~?sDJ(1)C-s9J?LMV+joGHboF9&zJD&PyDFjBY<sjy
z0E-&@T=VU6BOl?)mtHw(2MPbcTY9_8F@hKix@1bEjf_d2F*F@LTQTLuHIyR^J+Cp`
zwqmzHHmCbxslB}bA2aZU*3Bix&q-+?D$Z>1jp;czW|duxPCm?BpLS`YA+Xd+Ss$pm
zVvQI{xt~%;2M|9QegoFk=0>gu<m4{RA7^PK5l@`4f5<Znp#9n`u{}At#%EDRtmaLX
z^XrF+QD!UdnJl&YBQMY+J@Q(%pKQ~uNW*T|&<$TZp)%UoY2Ek-#01!#KVRs#H*;rq
zg*OeO^K)ik<7UlNcMHOroBRhFjp?!U^6fT4_BRdz&hD_#{#vL#>4N-&SwIDC>=#s9
z;y%C<`<kU~FXBca*-Ptm9}`52n0`j&UsrHClH7t%1lBC^s?1&&;9VV4dYe*)`_1mi
zn~LMsh01c>gCp)Xr&1m`U$A2hR-M~gmC{U8MO>a+Z*gs5`J#ykn&$1%h+W8hf4{Z$
zd4pene<Lz$t<%L8{=}Nh{j?veO>;6H__->uc=w&XVvgR9gjA^&EMPvueGunI?<za<
z`tDL2n^p&rRcd)|iWDcphIk_^tZ6>~xgd$!Snf;?5xCwKy{&hxtGa(|#lBBJxi5P1
z`0dup(Oh`BRPd@ggl<7(x;F&YuZVM64mks!686B(BnR)T@Q`b6k<rhaXnfy`{wuJ?
zqb-Af?<a?R&g;Z6=>nq#k-wl?_-0^Xsk&lMSS#Wa0*SvcoLJ!7fcUEV-OE@n6-B8e
z?J}!VR|&sgWwmz|TeqKE=kV1~#DdAzxjFwO*t1m-b9toOoiw778=EX|5y$91p=H(d
zV{*rER~8L1<PR|D$dWYRT)0uO>GCB!U!kZc`eDk#lslB)sxUHIy~{g;#D>86-D2$B
z`qIadnP*Se%SXv$q_LtM?y|I)%V)y}!#3>cExNF{$n6o$7|%1SCuE)~>0!Ll7~xjf
zdex8()7#?ZEGjRztw`$_1?do^6Ym$>g?1HXy|Z85oxl3eHTHsqo;i<yu}r14ZcBc5
z-Qvve_8S^Kl7~W;T_bijEimYh^>fZOe0iL9$mAkt!_h?DM$c9_uemwS#dy{2t=~`N
z*quU4BG&|tWFLTuB{8@1uI#$)DeFJgZ)Nj_u$rsJik2+yZve(Ok6ds+S!)LndC^zu
zklc)$1^8JE<F^p-cS&b}n~4K}xy&EeTfb9-g;o_M;LsQ!U<@Dw?>oX2i+tiZb7{#8
zO5seAYDYwa-ZQYGKt*}q=x%2{a{SxPGsv=F20#B-6kr@cp(UL`#Xk28)nIYMELbe*
z4BQ)b0bqvphk@Ce&DtIQ__0DhjnuB5BE1|BTpFgP9~!>}3_^WpV`ck?RuJ$HwVh#B
z^Z$?q0dRu$dK#<(0VZW?$muWxFjrsa&Oi}p-NY-Gz(WAo94ltY1n)a}<A>LJzf&_F
PAX)O2cdH;`o__M*$A(em

literal 0
HcmV?d00001

diff --git a/tests/bugfixes/github/test_issue_ghsa_h9x9_4f77_336w.py b/tests/bugfixes/github/test_issue_ghsa_h9x9_4f77_336w.py
new file mode 100644
index 0000000000..d8c01d201b
--- /dev/null
+++ b/tests/bugfixes/github/test_issue_ghsa_h9x9_4f77_336w.py
@@ -0,0 +1,17 @@
+# -*- coding: utf-8 -*-
+
+from system_tests import CaseMeta, CopyTmpFiles, path, check_no_ASAN_UBSAN_errors
+
+class Jp2ImageEncodeJp2HeaderOutOfBoundsRead2(metaclass=CaseMeta):
+    """
+    Regression test for the bug described in:
+    https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w
+    """
+    url = "https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w"
+
+    filename = path("$data_path/issue_ghsa_h9x9_4f77_336w_poc.exv")
+    commands = ["$exiv2 -P t $filename"]
+    retval = [0]
+
+    compare_stdout = check_no_ASAN_UBSAN_errors
+    compare_stderr = check_no_ASAN_UBSAN_errors

From 18d168959792d1eb42bb71d001ff46b57d6b97ab Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Fri, 2 Jul 2021 17:19:58 +0100
Subject: [PATCH 2/3] Throw exception if lens info wasn't found.

---
 src/pentaxmn_int.cpp | 35 ++++++++++++++++++++++-------------
 1 file changed, 22 insertions(+), 13 deletions(-)

diff --git a/src/pentaxmn_int.cpp b/src/pentaxmn_int.cpp
index 313577eb85..73afa32bbd 100644
--- a/src/pentaxmn_int.cpp
+++ b/src/pentaxmn_int.cpp
@@ -1213,6 +1213,25 @@ namespace Exiv2 {
         return result;
     }
 
+    // Exception thrown by findLensInfo when the lens info can't be found.
+    class LensInfoNotFound : public std::exception {
+    public:
+      LensInfoNotFound() {}
+    };
+
+    // Throws std::exception if the LensInfo can't be found.
+    static ExifData::const_iterator findLensInfo(const ExifData* metadata) {
+      const ExifData::const_iterator dngLensInfo = metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo"));
+      if (dngLensInfo != metadata->end()) {
+        return dngLensInfo;
+      }
+      const ExifData::const_iterator lensInfo = metadata->findKey(ExifKey("Exif.Pentax.LensInfo"));
+      if (lensInfo != metadata->end()) {
+        return lensInfo;
+      }
+      throw LensInfoNotFound();
+    }
+
     //! resolveLens0x32c print lens in human format
     std::ostream& resolveLens0x32c(std::ostream& os, const Value& value,
                                                  const ExifData* metadata)
@@ -1249,11 +1268,7 @@ namespace Exiv2 {
             unsigned long index  = 0;
 
             // http://www.sno.phy.queensu.ca/~phil/exiftool/TagNames/Pentax.html#LensData
-            const ExifData::const_iterator lensInfo = metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo")) != metadata->end()
-                                                    ? metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo"))
-                                                    : metadata->findKey(ExifKey("Exif.Pentax.LensInfo"))
-                                                    ;
-            if ( lensInfo == metadata->end() ) return EXV_PRINT_COMBITAG_MULTI(pentaxLensType, 2, 1, 2)(os, value, metadata);
+            const ExifData::const_iterator lensInfo = findLensInfo(metadata);
             if ( lensInfo->count() < 5       ) return EXV_PRINT_COMBITAG_MULTI(pentaxLensType, 2, 1, 2)(os, value, metadata);
 
             if ( value.count() == 2 ) {
@@ -1307,10 +1322,7 @@ namespace Exiv2 {
         try {
             unsigned long index  = 0;
 
-            const ExifData::const_iterator lensInfo = metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo")) != metadata->end()
-                                                    ? metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo"))
-                                                    : metadata->findKey(ExifKey("Exif.Pentax.LensInfo"))
-                                                    ;
+            const ExifData::const_iterator lensInfo = findLensInfo(metadata);
             if ( value.count() == 4 ) {
                 std::string model       = getKeyString("Exif.Image.Model"      ,metadata);
                 if ( model.rfind("PENTAX K-3", 0)==0 && lensInfo->count() == 128 && lensInfo->toLong(1) == 168 && lensInfo->toLong(2) == 144 ) index = 7;
@@ -1335,10 +1347,7 @@ namespace Exiv2 {
         try {
             unsigned long index  = 0;
 
-            const ExifData::const_iterator lensInfo = metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo")) != metadata->end()
-                                                    ? metadata->findKey(ExifKey("Exif.PentaxDng.LensInfo"))
-                                                    : metadata->findKey(ExifKey("Exif.Pentax.LensInfo"))
-                                                    ;
+            const ExifData::const_iterator lensInfo = findLensInfo(metadata);
             if ( value.count() == 4 ) {
                 std::string model       = getKeyString("Exif.Image.Model"      ,metadata);
                 if ( model.rfind("PENTAX K-3", 0)==0 && lensInfo->count() == 128 && lensInfo->toLong(1) == 131 && lensInfo->toLong(2) == 128 )

From 3ac426b2c04004422c290425259082281e090116 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Sat, 3 Jul 2021 22:36:53 +0100
Subject: [PATCH 3/3] Check that findKey didn't return end().

---
 src/convert.cpp      | 33 ++++++++++++++++++---------------
 src/crwimage_int.cpp | 12 ++++++++++--
 src/exif.cpp         |  4 ++--
 src/iptc.cpp         |  4 ++--
 src/xmp.cpp          |  4 ++--
 5 files changed, 34 insertions(+), 23 deletions(-)

diff --git a/src/convert.cpp b/src/convert.cpp
index aa65626ac2..f4d1fdf0a1 100644
--- a/src/convert.cpp
+++ b/src/convert.cpp
@@ -665,16 +665,17 @@ namespace Exiv2 {
 
         if (subsecTag) {
             ExifData::iterator subsec_pos = exifData_->findKey(ExifKey(subsecTag));
-            if (   subsec_pos != exifData_->end()
-                && subsec_pos->typeId() == asciiString) {
-                std::string ss = subsec_pos->toString();
-                if (!ss.empty()) {
-                    bool ok = false;
-                    stringTo<long>(ss, ok);
-                    if (ok) subsec = std::string(".") + ss;
+            if (subsec_pos != exifData_->end()) {
+                if (subsec_pos->typeId() == asciiString) {
+                    std::string ss = subsec_pos->toString();
+                    if (!ss.empty()) {
+                        bool ok = false;
+                        stringTo<long>(ss, ok);
+                        if (ok) subsec = std::string(".") + ss;
+                    }
                 }
+                if (erase_) exifData_->erase(subsec_pos);
             }
-            if (erase_) exifData_->erase(subsec_pos);
         }
 
         if (subsec.size() > 10) subsec = subsec.substr(0, 10);
@@ -1027,18 +1028,20 @@ namespace Exiv2 {
 #endif
         }
         pos = xmpData_->findKey(XmpKey(std::string(from) + "/exif:RedEyeMode"));
-        if (pos != xmpData_->end() && pos->count() > 0) {
-            int red = pos->toLong();
-            if (pos->value().ok())
-                value |= (red & 1) << 6;
+        if (pos != xmpData_->end()) {
+            if (pos->count() > 0) {
+                int red = pos->toLong();
+                if (pos->value().ok())
+                    value |= (red & 1) << 6;
 #ifndef SUPPRESS_WARNINGS
-            else
-                EXV_WARNING << "Failed to convert " << std::string(from) + "/exif:RedEyeMode" << " to " << to << "\n";
+                else
+                    EXV_WARNING << "Failed to convert " << std::string(from) + "/exif:RedEyeMode" << " to " << to << "\n";
 #endif
+            }
+            if (erase_) xmpData_->erase(pos);
         }
 
         (*exifData_)[to] = value;
-        if (erase_) xmpData_->erase(pos);
     }
 
     void Converter::cnvXmpGPSCoord(const char* from, const char* to)
diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp
index 6e89027556..01adf1f184 100644
--- a/src/crwimage_int.cpp
+++ b/src/crwimage_int.cpp
@@ -1100,8 +1100,16 @@ namespace Exiv2 {
         if (ed2 != edEnd) size += ed2->size();
         if (size != 0) {
             DataBuf buf(size);
-            if (ed1 != edEnd) ed1->copy(buf.pData_, pHead->byteOrder());
-            if (ed2 != edEnd) ed2->copy(buf.pData_ + ed1->size(), pHead->byteOrder());
+            long pos = 0;
+            if (ed1 != edEnd) {
+                ed1->copy(buf.pData_, pHead->byteOrder());
+                pos += ed1->size();
+            }
+            if (ed2 != edEnd) {
+                ed2->copy(buf.pData_ + pos, pHead->byteOrder());
+                pos += ed2->size();
+            }
+            assert(pos == size);
             pHead->add(pCrwMapping->crwTagId_, pCrwMapping->crwDir_, buf);
         }
         else {
diff --git a/src/exif.cpp b/src/exif.cpp
index 263ab23dd3..685073b530 100644
--- a/src/exif.cpp
+++ b/src/exif.cpp
@@ -579,8 +579,8 @@ namespace Exiv2 {
         ExifKey exifKey(key);
         iterator pos = findKey(exifKey);
         if (pos == end()) {
-            add(Exifdatum(exifKey));
-            pos = findKey(exifKey);
+            exifMetadata_.push_back(Exifdatum(exifKey));
+            return exifMetadata_.back();
         }
         return *pos;
     }
diff --git a/src/iptc.cpp b/src/iptc.cpp
index 908ef5bd9c..a73e158734 100644
--- a/src/iptc.cpp
+++ b/src/iptc.cpp
@@ -263,8 +263,8 @@ namespace Exiv2 {
         IptcKey iptcKey(key);
         iterator pos = findKey(iptcKey);
         if (pos == end()) {
-            add(Iptcdatum(iptcKey));
-            pos = findKey(iptcKey);
+            iptcMetadata_.push_back(Iptcdatum(iptcKey));
+            return iptcMetadata_.back();
         }
         return *pos;
     }
diff --git a/src/xmp.cpp b/src/xmp.cpp
index 2cd2593677..9f47a1a8f9 100644
--- a/src/xmp.cpp
+++ b/src/xmp.cpp
@@ -308,8 +308,8 @@ namespace Exiv2 {
         XmpKey xmpKey(key);
         iterator pos = findKey(xmpKey);
         if (pos == end()) {
-            add(Xmpdatum(xmpKey));
-            pos = findKey(xmpKey);
+            xmpMetadata_.push_back(Xmpdatum(xmpKey));
+            return xmpMetadata_.back();
         }
         return *pos;
     }