diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2017-08-18 14:55:11 +0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2017-08-28 11:06:02 +0200 |
commit | a7f02b1fe59e1c35e0abfe5f716df0fcd8b9d204 (patch) | |
tree | 5924ee10d0af275e07e3b5a01baf0180416b6236 /meta-oe/recipes-support/gd/gd | |
parent | 2ee20c389a3db6e1bb633e06ffd2ade43a70e14d (diff) | |
download | meta-openembedded-contrib-a7f02b1fe59e1c35e0abfe5f716df0fcd8b9d204.tar.gz |
gd: update to 2.2.4
* Remove the following patches which already merged in upstream:
fix-gcc-unused-functions.patch
.gitignore-the-new-test-case.patch
CVE-2016-10166.patch
CVE-2016-10167.patch
CVE-2016-10168.patch
CVE-2016-6906-1.patch
CVE-2016-6906-2.patch
Fix-290-TGA-RLE-decoding-is-broken.patch
* Update LICENSE's MD5 check sum.
The COPYING file has been update with the following commits in
upstream:
commit f863b3c2d300ff5344f6752e5813b0d6985e79c4
Resolve #282: COPYING vs. docs/naturaldocs/license.txt
commit 9ccdaedbd9a2cfd1c8a9a258c09af161e796bd41
Sync COPYING and docs/naturaldocs/license.txt
These two commits updated the copyright statement regarding the
authorship of gd and adjust the format.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/gd/gd')
7 files changed, 0 insertions, 831 deletions
diff --git a/meta-oe/recipes-support/gd/gd/.gitignore-the-new-test-case.patch b/meta-oe/recipes-support/gd/gd/.gitignore-the-new-test-case.patch deleted file mode 100644 index eab4975cb6..0000000000 --- a/meta-oe/recipes-support/gd/gd/.gitignore-the-new-test-case.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 8520274759cb8f95e483b02a445aff225e13467b Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Tue, 16 Aug 2016 16:00:27 +0200 -Subject: [PATCH] .gitignore the new test case - -Upstream-Status: Backport - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - tests/tga/.gitignore | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/tests/tga/.gitignore b/tests/tga/.gitignore -index e88e124..7a659b1 100644 ---- a/tests/tga/.gitignore -+++ b/tests/tga/.gitignore -@@ -4,3 +4,4 @@ - /bug00248 - /bug00248a - /tga_null -+/tga_read --- -2.10.2 - diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-10166.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-10166.patch deleted file mode 100644 index 7ccfbeabc2..0000000000 --- a/meta-oe/recipes-support/gd/gd/CVE-2016-10166.patch +++ /dev/null @@ -1,60 +0,0 @@ -From c92240c1670c20c2f854761d3a89ab61dd158c91 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Sat, 6 Aug 2016 10:08:53 +0200 -Subject: [PATCH] Fix potential unsigned underflow - -No need to decrease `u`, so we don't do it. While we're at it, we also factor -out the overflow check of the loop, what improves performance and readability. - -This issue has been reported by Stefan Esser to security@libgd.org. - -Upstream-Status: Backport -CVE: CVE-2016-10166 - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_interpolation.c | 19 ++++++++++--------- - 1 file changed, 10 insertions(+), 9 deletions(-) - -diff --git a/src/gd_interpolation.c b/src/gd_interpolation.c -index 7e7943d..9944349 100644 ---- a/src/gd_interpolation.c -+++ b/src/gd_interpolation.c -@@ -829,8 +829,13 @@ static inline LineContribType * _gdContributionsAlloc(unsigned int line_length, - { - unsigned int u = 0; - LineContribType *res; -- int overflow_error = 0; -+ size_t weights_size; - -+ if (overflow2(windows_size, sizeof(double))) { -+ return NULL; -+ } else { -+ weights_size = windows_size * sizeof(double); -+ } - res = (LineContribType *) gdMalloc(sizeof(LineContribType)); - if (!res) { - return NULL; -@@ -847,15 +852,11 @@ static inline LineContribType * _gdContributionsAlloc(unsigned int line_length, - return NULL; - } - for (u = 0 ; u < line_length ; u++) { -- if (overflow2(windows_size, sizeof(double))) { -- overflow_error = 1; -- } else { -- res->ContribRow[u].Weights = (double *) gdMalloc(windows_size * sizeof(double)); -- } -- if (overflow_error == 1 || res->ContribRow[u].Weights == NULL) { -+ res->ContribRow[u].Weights = (double *) gdMalloc(weights_size); -+ if (res->ContribRow[u].Weights == NULL) { - unsigned int i; -- u--; -- for (i=0;i<=u;i++) { -+ -+ for (i=0;i<u;i++) { - gdFree(res->ContribRow[i].Weights); - } - gdFree(res->ContribRow); --- -2.10.2 - diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch deleted file mode 100644 index 54ef22cb62..0000000000 --- a/meta-oe/recipes-support/gd/gd/CVE-2016-10167.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 6ab531ef0d82efb9e00236ee5ea23928335d221f Mon Sep 17 00:00:00 2001 -From: Catalin Enache <catalin.enache@windriver.com> -Date: Fri, 7 Apr 2017 12:30:22 +0300 -Subject: [PATCH] Fix DOS vulnerability in gdImageCreateFromGd2Ctx() - -We must not pretend that there are image data if there are none. Instead -we fail reading the image file gracefully. - -Upstream-Status: Backport -CVE: CVE-2016-10167 - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_gd2.c | 14 ++++++-------- - 1 file changed, 6 insertions(+), 8 deletions(-) - -diff --git a/src/gd_gd2.c b/src/gd_gd2.c -index 8df93c1..bae65ea 100644 ---- a/src/gd_gd2.c -+++ b/src/gd_gd2.c -@@ -445,18 +445,16 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromGd2Ctx (gdIOCtxPtr in) - - if (im->trueColor) { - if (!gdGetInt (&im->tpixels[y][x], in)) { -- /*printf("EOF while reading\n"); */ -- /*gdImageDestroy(im); */ -- /*return 0; */ -- im->tpixels[y][x] = 0; -+ gd_error("gd2: EOF while reading\n"); -+ gdImageDestroy(im); -+ return NULL; - } - } else { - int ch; - if (!gdGetByte (&ch, in)) { -- /*printf("EOF while reading\n"); */ -- /*gdImageDestroy(im); */ -- /*return 0; */ -- ch = 0; -+ gd_error("gd2: EOF while reading\n"); -+ gdImageDestroy(im); -+ return NULL; - } - im->pixels[y][x] = ch; - } --- -2.10.2 - diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-10168.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-10168.patch deleted file mode 100644 index aef1060c45..0000000000 --- a/meta-oe/recipes-support/gd/gd/CVE-2016-10168.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 2d37bdc03a6e2b820fe380016f22592a7733e0be Mon Sep 17 00:00:00 2001 -From: Catalin Enache <catalin.enache@windriver.com> -Date: Fri, 7 Apr 2017 12:32:49 +0300 -Subject: [PATCH] Fix #354: Signed Integer Overflow gd_io.c - -GD2 stores the number of horizontal and vertical chunks as words (i.e. 2 -byte unsigned). These values are multiplied and assigned to an int when -reading the image, what can cause integer overflows. We have to avoid -that, and also make sure that either chunk count is actually greater -than zero. If illegal chunk counts are detected, we bail out from -reading the image. - -Upstream-Status: Backport -CVE: CVE-2016-10168 - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_gd2.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/gd_gd2.c b/src/gd_gd2.c -index bae65ea..9006bd2 100644 ---- a/src/gd_gd2.c -+++ b/src/gd_gd2.c -@@ -151,6 +151,10 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy, - GD2_DBG (printf ("%d Chunks vertically\n", *ncy)); - - if (gd2_compressed (*fmt)) { -+ if (*ncx <= 0 || *ncy <= 0 || *ncx > INT_MAX / *ncy) { -+ GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy)); -+ goto fail1; -+ } - nc = (*ncx) * (*ncy); - - GD2_DBG (printf ("Reading %d chunk index entries\n", nc)); --- -2.10.2 - diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-6906-1.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-6906-1.patch deleted file mode 100644 index 97b7f72498..0000000000 --- a/meta-oe/recipes-support/gd/gd/CVE-2016-6906-1.patch +++ /dev/null @@ -1,167 +0,0 @@ -From fb0e0cce0b9f25389ab56604c3547351617e1415 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Tue, 16 Aug 2016 16:26:19 +0200 -Subject: [PATCH] Fix OOB reads of the TGA decompression buffer - -It is possible to craft TGA files which will overflow the decompression -buffer, but not the image's bitmap. Therefore we augment the check for the -bitmap's overflow with a check for the buffer's overflow. - -This issue had been reported by Ibrahim El-Sayed to security@libgd.org. - -CVE-2016-6906 - -Upstream-Status: Backport -CVE: CVE-2016-6906 - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_tga.c | 6 ++++-- - tests/tga/.gitignore | 1 + - tests/tga/CMakeLists.txt | 1 + - tests/tga/Makemodule.am | 2 ++ - tests/tga/heap_overflow.c | 51 ++++++++++++++++++++++++++++++++++++++++++++ - tests/tga/heap_overflow.tga | Bin 0 -> 605 bytes - 6 files changed, 59 insertions(+), 2 deletions(-) - create mode 100644 tests/tga/heap_overflow.c - create mode 100644 tests/tga/heap_overflow.tga - -diff --git a/src/gd_tga.c b/src/gd_tga.c -index 8737b04..68e4b17 100644 ---- a/src/gd_tga.c -+++ b/src/gd_tga.c -@@ -300,7 +300,8 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - encoded_pixels = ( ( decompression_buffer[ buffer_caret ] & ~TGA_RLE_FLAG ) + 1 ); - buffer_caret++; - -- if ((bitmap_caret + (encoded_pixels * pixel_block_size)) > image_block_size) { -+ if ((bitmap_caret + (encoded_pixels * pixel_block_size)) > image_block_size -+ || buffer_caret + pixel_block_size > rle_size) { - gdFree( decompression_buffer ); - gdFree( conversion_buffer ); - return -1; -@@ -316,7 +317,8 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - encoded_pixels = decompression_buffer[ buffer_caret ] + 1; - buffer_caret++; - -- if ((bitmap_caret + (encoded_pixels * pixel_block_size)) > image_block_size) { -+ if ((bitmap_caret + (encoded_pixels * pixel_block_size)) > image_block_size -+ || buffer_caret + (encoded_pixels * pixel_block_size) > rle_size) { - gdFree( decompression_buffer ); - gdFree( conversion_buffer ); - return -1; -diff --git a/tests/tga/.gitignore b/tests/tga/.gitignore -index 7a659b1..cf0556b 100644 ---- a/tests/tga/.gitignore -+++ b/tests/tga/.gitignore -@@ -3,5 +3,6 @@ - /bug00247a - /bug00248 - /bug00248a -+/heap_overflow - /tga_null - /tga_read -diff --git a/tests/tga/CMakeLists.txt b/tests/tga/CMakeLists.txt -index 789fb14..11542a0 100644 ---- a/tests/tga/CMakeLists.txt -+++ b/tests/tga/CMakeLists.txt -@@ -5,6 +5,7 @@ LIST(APPEND TESTS_FILES - bug00247a - bug00248 - bug00248a -+ heap_overflow - tga_read - ) - -diff --git a/tests/tga/Makemodule.am b/tests/tga/Makemodule.am -index a1e6af6..916d707 100644 ---- a/tests/tga/Makemodule.am -+++ b/tests/tga/Makemodule.am -@@ -4,6 +4,7 @@ libgd_test_programs += \ - tga/bug00247a \ - tga/bug00248 \ - tga/bug00248a \ -+ tga/heap_overflow \ - tga/tga_null \ - tga/tga_read - -@@ -14,6 +15,7 @@ EXTRA_DIST += \ - tga/bug00247a.tga \ - tga/bug00248.tga \ - tga/bug00248a.tga \ -+ tga/heap_overflow.tga \ - tga/tga_read_rgb.png \ - tga/tga_read_rgb.tga \ - tga/tga_read_rgb_rle.tga -diff --git a/tests/tga/heap_overflow.c b/tests/tga/heap_overflow.c -new file mode 100644 -index 0000000..0e9a2d0 ---- /dev/null -+++ b/tests/tga/heap_overflow.c -@@ -0,0 +1,51 @@ -+/** -+ * Test that the crafted TGA file doesn't trigger OOB reads. -+ */ -+ -+ -+#include "gd.h" -+#include "gdtest.h" -+ -+ -+static size_t read_test_file(char **buffer, char *basename); -+ -+ -+int main() -+{ -+ gdImagePtr im; -+ char *buffer; -+ size_t size; -+ -+ size = read_test_file(&buffer, "heap_overflow.tga"); -+ im = gdImageCreateFromTgaPtr(size, (void *) buffer); -+ gdTestAssert(im == NULL); -+ free(buffer); -+ -+ return gdNumFailures(); -+} -+ -+ -+static size_t read_test_file(char **buffer, char *basename) -+{ -+ char *filename; -+ FILE *fp; -+ size_t exp_size, act_size; -+ -+ filename = gdTestFilePath2("tga", basename); -+ fp = fopen(filename, "rb"); -+ gdTestAssert(fp != NULL); -+ -+ fseek(fp, 0, SEEK_END); -+ exp_size = ftell(fp); -+ fseek(fp, 0, SEEK_SET); -+ -+ *buffer = malloc(exp_size); -+ gdTestAssert(*buffer != NULL); -+ act_size = fread(*buffer, sizeof(**buffer), exp_size, fp); -+ gdTestAssert(act_size == exp_size); -+ -+ fclose(fp); -+ free(filename); -+ -+ return act_size; -+} -diff --git a/tests/tga/heap_overflow.tga b/tests/tga/heap_overflow.tga -new file mode 100644 -index 0000000000000000000000000000000000000000..e9bc0ecb2a847ac6edba92dd0ff61167b49002cd -GIT binary patch -literal 605 -zcmZQz;9`IQ9tIu;g&7<$F3o7Yg1qzyh6tefy9wZAs2d<Uh*yuz=?XwW4Qvuv#g2nS -zp93+mT0rVR>T&8(2TGy=f_l)@gSap~$FayUFu(!|SyJIFga^{8fGj~vwq8kkVgvv> -Cavop+ - -literal 0 -HcmV?d00001 - --- -2.10.2 - diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-6906-2.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-6906-2.patch deleted file mode 100644 index 8b6de97112..0000000000 --- a/meta-oe/recipes-support/gd/gd/CVE-2016-6906-2.patch +++ /dev/null @@ -1,135 +0,0 @@ -From 58b6dde319c301b0eae27d12e2a659e067d80558 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Tue, 16 Aug 2016 16:26:19 +0200 -Subject: [PATCH] Fix OOB reads of the TGA decompression buffer - -It is possible to craft TGA files which will overflow the decompression -buffer, but not the image's bitmap. Therefore we also have to check for -potential decompression buffer overflows. - -This issue had been reported by Ibrahim El-Sayed to security@libgd.org; -a modified case exposing an off-by-one error of the first patch had been -provided by Konrad Beckmann. - -This commit is an amendment to commit fb0e0cce, so we use CVE-2016-6906 -as well. - -Upstream-Status: Backport -CVE: CVE-2016-6906 - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_tga.c | 8 +++++++- - tests/tga/Makemodule.am | 3 ++- - tests/tga/heap_overflow.c | 16 ++++++++++++---- - tests/tga/heap_overflow_1.tga | Bin 0 -> 605 bytes - tests/tga/heap_overflow_2.tga | Bin 0 -> 8746 bytes - 5 files changed, 21 insertions(+), 6 deletions(-) - create mode 100644 tests/tga/heap_overflow_1.tga - create mode 100644 tests/tga/heap_overflow_2.tga - -diff --git a/src/gd_tga.c b/src/gd_tga.c -index 68e4b17..f80f0b1 100644 ---- a/src/gd_tga.c -+++ b/src/gd_tga.c -@@ -295,7 +295,13 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - buffer_caret = 0; - - while( bitmap_caret < image_block_size ) { -- -+ -+ if (buffer_caret + pixel_block_size > rle_size) { -+ gdFree( decompression_buffer ); -+ gdFree( conversion_buffer ); -+ return -1; -+ } -+ - if ((decompression_buffer[buffer_caret] & TGA_RLE_FLAG) == TGA_RLE_FLAG) { - encoded_pixels = ( ( decompression_buffer[ buffer_caret ] & ~TGA_RLE_FLAG ) + 1 ); - buffer_caret++; -diff --git a/tests/tga/Makemodule.am b/tests/tga/Makemodule.am -index 916d707..ab08dbf 100644 ---- a/tests/tga/Makemodule.am -+++ b/tests/tga/Makemodule.am -@@ -15,7 +15,8 @@ EXTRA_DIST += \ - tga/bug00247a.tga \ - tga/bug00248.tga \ - tga/bug00248a.tga \ -- tga/heap_overflow.tga \ -+ tga/heap_overflow_1.tga \ -+ tga/heap_overflow_2.tga \ - tga/tga_read_rgb.png \ - tga/tga_read_rgb.tga \ - tga/tga_read_rgb_rle.tga -diff --git a/tests/tga/heap_overflow.c b/tests/tga/heap_overflow.c -index 0e9a2d0..ddd4b63 100644 ---- a/tests/tga/heap_overflow.c -+++ b/tests/tga/heap_overflow.c -@@ -1,5 +1,5 @@ - /** -- * Test that the crafted TGA file doesn't trigger OOB reads. -+ * Test that crafted TGA files don't trigger OOB reads. - */ - - -@@ -7,21 +7,29 @@ - #include "gdtest.h" - - -+static void check_file(char *basename); - static size_t read_test_file(char **buffer, char *basename); - - - int main() - { -+ check_file("heap_overflow_1.tga"); -+ check_file("heap_overflow_2.tga"); -+ -+ return gdNumFailures(); -+} -+ -+ -+static void check_file(char *basename) -+{ - gdImagePtr im; - char *buffer; - size_t size; - -- size = read_test_file(&buffer, "heap_overflow.tga"); -+ size = read_test_file(&buffer, basename); - im = gdImageCreateFromTgaPtr(size, (void *) buffer); - gdTestAssert(im == NULL); - free(buffer); -- -- return gdNumFailures(); - } - - -diff --git a/tests/tga/heap_overflow_1.tga b/tests/tga/heap_overflow_1.tga -new file mode 100644 -index 0000000000000000000000000000000000000000..e9bc0ecb2a847ac6edba92dd0ff61167b49002cd -GIT binary patch -literal 605 -zcmZQz;9`IQ9tIu;g&7<$F3o7Yg1qzyh6tefy9wZAs2d<Uh*yuz=?XwW4Qvuv#g2nS -zp93+mT0rVR>T&8(2TGy=f_l)@gSap~$FayUFu(!|SyJIFga^{8fGj~vwq8kkVgvv> -Cavop+ - -literal 0 -HcmV?d00001 - -diff --git a/tests/tga/heap_overflow_2.tga b/tests/tga/heap_overflow_2.tga -new file mode 100644 -index 0000000000000000000000000000000000000000..2b681f2df8941d6823aa761be0a7fa3c02c92cbf -GIT binary patch -literal 8746 -zcmeIxF$#b%6a>*<djij4?cuz+Vi5?!RIY)@*eDAQ@`zPSwQE1NTI<YQEqdQG#s5@h -zwDFtAoIjm)CIQa|$z*q(vz}DbnPjrN&RI{Y=}a=&UFWPP)joCZ<31}ey8!(}FZZ71 -zWop>#e)AY=opmMw&j!h4cb&7IRMVMcvb)Y%PpaumGTB|{tS8lUCYkK6bJmk;IzMDC -D4PYIN - -literal 0 -HcmV?d00001 - --- -2.10.2 - diff --git a/meta-oe/recipes-support/gd/gd/Fix-290-TGA-RLE-decoding-is-broken.patch b/meta-oe/recipes-support/gd/gd/Fix-290-TGA-RLE-decoding-is-broken.patch deleted file mode 100644 index 64f5c62964..0000000000 --- a/meta-oe/recipes-support/gd/gd/Fix-290-TGA-RLE-decoding-is-broken.patch +++ /dev/null @@ -1,359 +0,0 @@ -From 4f8e26f2a40ffaa3a5b77be6a49989a1a42e2b83 Mon Sep 17 00:00:00 2001 -From: "Christoph M. Becker" <cmbecker69@gmx.de> -Date: Tue, 16 Aug 2016 14:27:23 +0200 -Subject: [PATCH] Fix #290: TGA RLE decoding is broken - -We make it work only, for now. Actually, it doesn't make sense that -`oTga::bitmap` is an `int *` as we're storing only bytes there. If this -will be changed, we can even get rid of the `conversion_buffer` in -`read_image_tga` altogether, and read the image data into the -`decompression_buffer` (if RLE'd) or the `tga->bitmap` (if uncompressed) -directly. - -Upstream-Status: Backport - -Signed-off-by: Catalin Enache <catalin.enache@windriver.com> ---- - src/gd_tga.c | 18 ++++++++++-------- - tests/tga/CMakeLists.txt | 1 + - tests/tga/Makemodule.am | 8 ++++++-- - tests/tga/tga_read.c | 40 ++++++++++++++++++++++++++++++++++++++++ - tests/tga/tga_read_rgb.png | Bin 0 -> 2349 bytes - tests/tga/tga_read_rgb.tga | Bin 0 -> 90444 bytes - tests/tga/tga_read_rgb_rle.tga | Bin 0 -> 9987 bytes - 7 files changed, 57 insertions(+), 10 deletions(-) - create mode 100644 tests/tga/tga_read.c - create mode 100644 tests/tga/tga_read_rgb.png - create mode 100644 tests/tga/tga_read_rgb.tga - create mode 100644 tests/tga/tga_read_rgb_rle.tga - -diff --git a/src/gd_tga.c b/src/gd_tga.c -index ec6781f..8737b04 100644 ---- a/src/gd_tga.c -+++ b/src/gd_tga.c -@@ -207,12 +207,13 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - { - int pixel_block_size = (tga->bits / 8); - int image_block_size = (tga->width * tga->height) * pixel_block_size; -- uint8_t* decompression_buffer = NULL; -+ int* decompression_buffer = NULL; - unsigned char* conversion_buffer = NULL; - int buffer_caret = 0; - int bitmap_caret = 0; - int i = 0; - int encoded_pixels; -+ int rle_size; - - if(overflow2(tga->width, tga->height)) { - return -1; -@@ -266,7 +267,7 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - /*! \brief Read in RLE compressed RGB TGA - * Chunk load the pixel data from an RLE compressed RGB type TGA. - */ -- decompression_buffer = (uint8_t*) gdMalloc(image_block_size * sizeof(uint8_t)); -+ decompression_buffer = (int*) gdMalloc(image_block_size * sizeof(int)); - if (decompression_buffer == NULL) { - return -1; - } -@@ -277,7 +278,8 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - return -1; - } - -- if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) { -+ rle_size = gdGetBuf(conversion_buffer, image_block_size, ctx); -+ if (rle_size <= 0) { - gdFree(conversion_buffer); - gdFree(decompression_buffer); - return -1; -@@ -285,7 +287,7 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - - buffer_caret = 0; - -- while( buffer_caret < image_block_size) { -+ while( buffer_caret < rle_size) { - decompression_buffer[buffer_caret] = (int)conversion_buffer[buffer_caret]; - buffer_caret++; - } -@@ -298,14 +300,14 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - encoded_pixels = ( ( decompression_buffer[ buffer_caret ] & ~TGA_RLE_FLAG ) + 1 ); - buffer_caret++; - -- if ((bitmap_caret + (encoded_pixels * pixel_block_size)) >= image_block_size) { -+ if ((bitmap_caret + (encoded_pixels * pixel_block_size)) > image_block_size) { - gdFree( decompression_buffer ); - gdFree( conversion_buffer ); - return -1; - } - - for (i = 0; i < encoded_pixels; i++) { -- memcpy(tga->bitmap + bitmap_caret, decompression_buffer + buffer_caret, pixel_block_size); -+ memcpy(tga->bitmap + bitmap_caret, decompression_buffer + buffer_caret, pixel_block_size * sizeof(int)); - bitmap_caret += pixel_block_size; - } - buffer_caret += pixel_block_size; -@@ -314,13 +316,13 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) - encoded_pixels = decompression_buffer[ buffer_caret ] + 1; - buffer_caret++; - -- if ((bitmap_caret + (encoded_pixels * pixel_block_size)) >= image_block_size) { -+ if ((bitmap_caret + (encoded_pixels * pixel_block_size)) > image_block_size) { - gdFree( decompression_buffer ); - gdFree( conversion_buffer ); - return -1; - } - -- memcpy(tga->bitmap + bitmap_caret, decompression_buffer + buffer_caret, encoded_pixels * pixel_block_size); -+ memcpy(tga->bitmap + bitmap_caret, decompression_buffer + buffer_caret, encoded_pixels * pixel_block_size * sizeof(int)); - bitmap_caret += (encoded_pixels * pixel_block_size); - buffer_caret += (encoded_pixels * pixel_block_size); - } -diff --git a/tests/tga/CMakeLists.txt b/tests/tga/CMakeLists.txt -index c3a589c..789fb14 100644 ---- a/tests/tga/CMakeLists.txt -+++ b/tests/tga/CMakeLists.txt -@@ -5,6 +5,7 @@ LIST(APPEND TESTS_FILES - bug00247a - bug00248 - bug00248a -+ tga_read - ) - - ADD_GD_TESTS() -diff --git a/tests/tga/Makemodule.am b/tests/tga/Makemodule.am -index dff828f..a1e6af6 100644 ---- a/tests/tga/Makemodule.am -+++ b/tests/tga/Makemodule.am -@@ -4,7 +4,8 @@ libgd_test_programs += \ - tga/bug00247a \ - tga/bug00248 \ - tga/bug00248a \ -- tga/tga_null -+ tga/tga_null \ -+ tga/tga_read - - EXTRA_DIST += \ - tga/CMakeLists.txt \ -@@ -12,4 +13,7 @@ EXTRA_DIST += \ - tga/bug00247.tga \ - tga/bug00247a.tga \ - tga/bug00248.tga \ -- tga/bug00248a.tga -+ tga/bug00248a.tga \ -+ tga/tga_read_rgb.png \ -+ tga/tga_read_rgb.tga \ -+ tga/tga_read_rgb_rle.tga -diff --git a/tests/tga/tga_read.c b/tests/tga/tga_read.c -new file mode 100644 -index 0000000..310b72f ---- /dev/null -+++ b/tests/tga/tga_read.c -@@ -0,0 +1,40 @@ -+/** -+ * Basic test case for reading TGA files. -+ */ -+ -+ -+#include "gd.h" -+#include "gdtest.h" -+ -+ -+static void assert_equals(char *exp, char *orig); -+ -+ -+int main() -+{ -+ assert_equals("tga_read_rgb.png", "tga_read_rgb.tga"); -+ assert_equals("tga_read_rgb.png", "tga_read_rgb_rle.tga"); -+ -+ return gdNumFailures(); -+} -+ -+ -+static void assert_equals(char *exp, char *orig) -+{ -+ gdImagePtr im; -+ FILE *fp; -+ char *filename; -+ -+ fp = gdTestFileOpen2("tga", orig); -+ gdTestAssertMsg(fp != NULL, "can't open %s", orig); -+ -+ im = gdImageCreateFromTga(fp); -+ gdTestAssertMsg(im != NULL, "can't read %s", orig); -+ fclose(fp); -+ -+ filename = gdTestFilePath2("tga", exp); -+ gdAssertImageEqualsToFile(filename, im); -+ gdFree(filename); -+ -+ gdImageDestroy(im); -+} -diff --git a/tests/tga/tga_read_rgb.png b/tests/tga/tga_read_rgb.png -new file mode 100644 -index 0000000000000000000000000000000000000000..bc468e3d927eaeb77d2f5c3bc35b970457f60f18 -GIT binary patch -literal 2349 -zcmZ`*c{tSX7XOaO7-6K6b&RD_MnXy$nHe#bsVG~TvfZ*vO?Jle8%ar+AySDfStFGh -zG#*)pL0RUPJ(FedBaE?x-*o@D_deZwpZ7WMdCuo~-t)faoX_)~lW+lNCI*p(001C{ -zHOJWSbt_+Pfp_!w<m@>WzS`|-X@&uIeytaE1*v>QB*5J9HUNl9{Spw6`Sc(k6uyJC -zHWeNNLm|3~tCo{U002|57?VrEU+1$sy;a&|;-kbZl`6E_C%>gqbDtC=57F3fUD$)k -zSG5DTL6#NnU=7wGcCw|<f|{rZi)5q<cVW*NQPQCY0xPU0_nGG#D?wR37BO^o^261% -z+}quQI_1ZP=gTNp-n|;#)z~^;78o=e@tRYrS#8Jc>M{W*OdYEgjJp6u9Rb7l#X%t` -zun;^h28uEP=P3Px?|rNGF#17D%A(CJ_ar|?n^0nq!~w+Wg23867ryn!Zlb|~&7A~z -zqkP=IPyLrOM?58>2rEq=&{*9OMU!HNWJkg`(`y(=2{WLg392OTDyiM2$iCLcv5LCG -zjWwRq46Da$pV|V^4Gvs36k1dWF^V4c8j%3~jN{*0*$phpF|-#zi@;k@t-s?cqW&sd -zPh{x~@zm`!5V23*L&Qb=_elN~nEEqQhrhNZiRU#|qjK>6ptaYgj*sAcuS+t-7X5aB -zUI5f*aL0Dut+y0vde?tg7QMa^0`(plvuD^Q>)J(abQY>@6P_*YY;XJ54VC^_f7F2x -z21ee^35}!<L@bW?<-JgJ-%sahFv68xPXghCl|CsCc-P-A{`kl_3By}Mq}YnYYmSt4 -z8h8mx?<zBgq9CzV4*#zR8t}x5Or8!9Rn6LgajJ!B)ebxEtrwC@*p4M@D51#?OEY}< -zqJHu+sCRU2YXNxiq(DP@*(Ui?Jz;IQ@O$Lbf}e8Nwij*L&iUd$N4-Ykfp$vDx#uv? -z#_eULpAbPvN<tVA>Ek##rQDAOW+@)2?%}XiiSi^ted1PQu{v0&?bA^r%z?7*An3_H -zvYFv8{p8fsCguNR$#3=6O{^H&8kT9N92CeaRAj3Y_cNl-znY8JZ{MpO#OK}A<_w9J -zWMI2Kl?xv|S-FTV(aUG_`UWTZOFJGgv2)>JR#*H2Uad(wyqbIZt?w|Dw|k<eY&&9F -zcr!zDg7=#H^=^MC+W02GN{78K=4Kuq90c@$7f$7+h)^YFm}-?3cEdU+Ivh5RC<+Yy -zOz(7r<tT|Z34S@glz^9lpp@OstDBGA(iwk<LQ#r@i_)^MV*Re3^qB#j7N}4etZfK> -zt6<wtj&M2(TLgTh3AH(}4;f4j=<Iu^axvT0!8B)K0O!7g?WnhIyGH5@EtT77&?E{6 -zB5<#{PWJOxQkF}LskzI@;(qVCjE%v-h|S8;`k#h^W5wR-cadW2H2Mk+7QZhqSRd!M -zcQ8fpx~O^(^O#2gXiWDX&u@lZT#qjPG~Xh0UobVq#~Lumf!%S9`Jhf%MH?4Re5-17 -z7BP>D>=sy59jEGoeEx_W13BnmhAs?*j6#bG1a@#16O~1>q+P2@%QN~``Ws7=WX;F9 -z`=p5I$1ig*G|iW8vslr2^8hj+A0HWDoT-@fn5I53ZWWp!r8fMghmpjdqC%E#%2HFI -zY&A(g!Li3+$<B^y8^Hw5!sXd&k%Ev!a;~aB#joj1?2ntu9|!GAFUwyc0oe_~y<}?E -zUh@HUbCI(x2W1rmg7ckzRL2Ew#cdujut+*-t0g)81Tu+3ZH4uP`r1d1kSooU@5ybL -zR5_J%A5sbak)KrSf>(r|V*&yCb;Ha(&ACi9w;?kQ7q1$hwjli^);+KIJAh|K&YL#E -z+b(`PZN>V_5?v`hu-U429K9fO%8*k8pE=jDkn5ZJK|Vgl*@&QE^;mwlCxWbq4(hyi -zUuz)bk@5^HOk@gB`SaWZfX07Eom07js%np8Xot&?YP8R+3|jrR4c#zO{LO<?^G84O -zoP}G`MK)LZDo_$#nWR09X>NY_mL~1^BUG})*4b;Z_zq+`Q@kzUHC&`trCiQYum;1? -zBic+0Bl>LLYU?>!B3k!Ils}uXR*`OEr3`f<P@HZFk`0fP5`^X=BOtC?@!vUq7B4OF -zZEw6+3eoFRE@xEw(%DfIybhJuo03Du2ldm$20Sn3hj15Lu&gPQp=N%r%hME$*j{^@ -zRTffQhH7JLB-70qVkSm$9Zt`mahHLT7O^JnNqAAJs0C^n+1uj_E-}S^?&_U=H?;D_ -z1U9UJAz|+7z|Yq(6${A~5fhc}hH5twnKukf#Dn_JnQ$J4-Z$d}*Trq>?aKr2p19c6 -zYJ}r+^s>6aD~mrp;oIUhlig4sM)Jg3=J{K;dp#BCzRu1sU3D1wJl{jA^Y#ShVT+|^ -zUyjiM&wD~v3zy}K!zWm%3cpu#(*)cmxw1+n+C7V|hcZ6h8CZLubXt&J)h$6yflV6> -zOVv_gDb*glO9FLL8x6bqM6(F#pGhGy+jjOyt9-daMWGrJKF{XvnT#^TeYaq2MG)qw -zJ=RV;Mwg*goOa?(wM=EH<#AS$egRj*wnm+Bu4Pb{$-O}GZSiuT1UdBDwv2Rz)b3+L -zRA=nkaWHB7I$T~B%;KynnS0b@3YpKqt$2;qzwLf>DZ4RFCQB!=QQ`Ft&y_PThuDsA -zckawmbFnA9Tl7+Ez%a)>>T+Nh@8UxzrZP`<pHEXVd#|2v=f_b#A@|oAzbk6Q_>|O) -zgw?Xli!)-)xrF2z=thH-TI;|>UVYK64@asT%484CF-pjk+~~wA+Z%fZYua+sDJ<Nf -zfO`bfl}ig_0&C7BCuBa)xZ?-mQO=bQ2N5;>Sw}~|(tM}hK+z>+^8QQhOsTxl+2AJ+ -zX8WjlS|;0WRv7s_Bk=@u$v3GL@qC?&jcNEv<o68kaz!pHOs@;#CSh|{!j&zrsfn8j -z6|o#^6C2NO9!G&u;Q0U5hkpCs|2Z3I$nNY~x}Tl<rOB|1KiB|RQyiuYbv@>9Cook& - -literal 0 -HcmV?d00001 - -diff --git a/tests/tga/tga_read_rgb.tga b/tests/tga/tga_read_rgb.tga -new file mode 100644 -index 0000000000000000000000000000000000000000..5f11f5a080f3424dff6ff368db6af140a5777e23 -GIT binary patch -literal 90444 -zcmeI4Kab?b5yc6Af(;c(13`fU*%&xb;tQC_*aPhI`Y#kR+DO4FyO7x>23DD|fPu*! -zc$3RVz$FeASlIpmlR7c>{0XS{cwI!Xhn!*0&G0z9w?L_y)m6=&?%yLhCt|YfC)vBd -z@3Mbp-(`!RR#lbBv<6~842S_SAO^&M7!U(uKn#chF(3xSfEW-1Vn7Ut0Wly3#DEwO -z17bi7hygJm2E>3E5CdYM&A?}$ex4m_TFdrYYCYz+9zh#Fz&|9|x2zKn^W#B#+TPQk -zkGJqug1wSH+UqE;=D8ly$2|8{dOgm*N*~8rNAWn%b(B8lxv$dearRaEIL<nX$9b-! -z^fAwUm0pjtuhPeH)=@mpa~-9RdG4$9dYpZgK8~}F;&GnqD1FRxU!~XM?5p%~oOKkB -z^IXTEkMH5{66|-Z6BF}fVs88T*I)i3JJhoOSJ|O9w{_I#nWx?l)duSh)duUtlh$At -z17Cjm-|T(t=^t5ksQGyXeY}RR66}rB$6N4TCD<$JL)!2RcC~{xmhcaW#u{p)fITEy -zttmer=|ik~9;VU``gjIkB^qnU`Ab-pXwrv%OZ+UJZKV%gx2JNgp5i>D59woyTux<9 -z(uedh6&9yB59vetm?D=`nUnM(eN2VLDb7RskUpl!<y7V*eMlcuVR4G{kUpf3DRMcL -zIY}SV$5dFH;yfm%k4wB~a-Co=-1}Dr-lw`wu&?y~m97o@G#T{q3H)`Uv4-!7EMeD) -zw)K9=Z~mTThuUAV|7C~TzV%W6$E~45nY6k?xn!MZFO2s+{6m8MjdfuTKfpgE*thW< -z{Cw2@xOHLsAGrJk{yNcELpGPN>qM)WwmHy;dAx?N66{Tw1IK#{s}k%La$6ep^HE#+ -za9lo1VAA+y4Y_=oz@+gjedzt&v$!^qahUWWUeAKpvG42Bhn^$GX6~HMCw)jC=fvyS -zbCo`%kFl9Mr}If4(#JXRI`&+p59woU=FaJS(ueeMPP~piSLs9g7@N6sI-m3*eVh}o -zW6yPB`q2AV`u~)Z`u~(cA78-VB^qn^p2#KaF44B$FA47vAM{(Ncz3vdANUYI_Vq~T -zJFok7_+8Hr{@dw6AD4;m*uMzx*i#=x;yd<VQBUIaym%dZzk)u#fWJ#L*6_E}FJX6y -zR{!R@|ExhDui;aE=k$%!$6N58@;j%mqz`GsGuYJ*`gjJP^1JEGWequh2}}9ibmmGQ -z`krwX_ipJ!*U+x(reg27kUpdjX`!D1>7##b#EsTQ`Va%U4)il1ee|!5xY623A7Vh) -zfqn+0kN&k0H(DF%Lk#FT(9eMM(Z4q0Mr$K|hyh&(`Wcv*KJ@;s-aDDpdnZ93Q+a<^ -z`j9>*rH}Wyw|@5N=h^$%`<z>~{m%qin`x{~&_)6OkZ858w2#x+NA1ID_95uwC47}= -zz52*T_`_V+ZoXxF%76dsKew<oecZR}82QUk$J(XkqFq?rVsrM=+dI91F>*dfeUR^p -zOs8;+{5;gLHn&=|ON(1<&R+VEKDzjZ2Kw$F(#J>m?+&_ubg5)Jru)Zfp6{oApOQYd -zwa^ujKBNz5CFMK%pzr4xvxIHj*iUG$U^$H6v1y&(p%Guen9G_f*dx5vTC9wj2G56n -z|5yYq@Of%s<Hq`6AI$y@fakh_U0A;Ni03elS1=yhthu+C<>UB*F_<5lxjeqIJnut3 -z$IoG`U%^;I&v~(rw(xbnjlQMNoBDNqtoebp40e+5=NOml8^f{p%x`^%M%@zTb9U92 -zey`caUXzcCKJMFfjC?Z2I$CbIXp=9ClcgtjY;nf67)H!$*JzV-%cp;I=eWXg*SM{G -z<g|2%V~)!lp64;Nt>)excV35he&noN-o;q_P5nGz@Fe=cxFsxRdfmf(i(%wkbmVOi -z<GmvulgFhoW*&QO%(TX~{yvYo+;Ngy9%9Bgxif~z9^;-Z_AjlDKIHhib%?RP2szXo -zb1ZKaayY(coc$}-*dLD9FsrNkam>0$*aBw#8>@*ua-LwUy=ULlxgBeMVC(4mz?d=L -z_l$AfL*EMCbKYVYeX+I**76U1IV`@fly#^3k7J@WwoB=3qAm}dkd@q$&?aw;nHAPY -zkGSW%b<U`^)n{WM$234rTl(r4|H<k?-x@VGuhRF0{=)U=9sRs-S^X9J$Kr45=K*VE -z?x@dK7_WdC|75w=hTj*&HZG^d4C4MiQTjTz(eKCSdA4$}-^NU9?0BsB7<EJRv5M<> -zjM~z1wy>NiUh`*t=0grOa$~XBqwf(`bL{&Nv(L)Dt+i$hM%}T0Ywn2gyzFaqH+62u -znjhFYg+6XEuIZ!mnU_qvoEF0_&M_9A1#2Vj?;)kd&10{Pnbz3W-{(;`L?3xqJ!<_u -zq|pK5ox157qc4Ur$oM{eY<ASIP~Xx3bHlid(;DrJ#oyG=1J0<AOW0kav99wzjQAR6 -z`Y5~h4E?#wX&8>;RaY%z$lG}i?DabAc{6t3SU!%Lz54L^aXXxotd-Wsw#6;B%OjUM -zD?;50zR?BR9J{qHINtkNk>fv?*DlXfkI5XH*VMTkYkuIY=KN6KHP49M!q(h-<VYWW -zLC^-DH?WQ4)wtdAz7+ZEP_y$|;Kr`MgL4d5yYXXo?W<x{=lvjcT_Syye%-B&oGX~! -zW14-9bW>S=?Dw6+?RztJJVw_s>il&!w;aSvSk0-$y1eBu-};Bt`kXMv2A<sC!l)bG -zQ%nb~b#d{XpA~t{XF&S`wt&^23BL6loVw@AAFds+>%V`jj1%vpoYuag&vZk-^mW!o -z{6l{K=$sQ6J4jooBdbp^vdU+vg?&!%Lto8v6gS<p*3sv%&2eF-hXQTt&W>B3NxTo| -zJ$0?XuD>^IF^>ND-+x>CivCBKX=F=Z==0BJ%qu%s7{p9R-CoAQ)Ykbp4&p1v+l7tI -ze2ZJmd-QdlGs;=m81zx!;LnQM`!EhYwMczD`tjIK-E-v+*Av$l%x)axyw+1Q)CIlg -zpM1yqC=fG!(BE)O{-I56_<INY%evG32YWu48COQeJ6T1%gpnoM6RdT;#c>h(*uRR# -zY-)Yn+8oQ(mKHZ3`i<p!4%SDH{&lEtt)tJeHuC&D>#-1P*4OgH`*7Y<*NSTlW~l?u -z_^$TWzM?kP5H+#s8MCx~HSd@q%j9RD)x0AwhZ#4y8?Rv;{hN@pf@l0b9J7w+TUZ@E -zj+<H^_ig0Zm>gprYP!Z|KdsSc$gk`Cn0;;JbB;C+{UXjy-E-v+*ORR^SdQ-lUL&6M -zE`2O_=z-(-dq`>LH1C-49PDc6tVLb!*r{V7-Y|}SUhiYZIQE8p%=dqYHMKtO+pL3i -zjmdEt=NMNo`wWHEBeo9lt#z~<?~%K5<8;=D_u;&!u9e>laJ+!s!q&m=;i;P(W_sz| -zBlPomtc10+gk#qFF$;fAwz2;Oj7$x+MW|c2nmQKZxy4=HEn;Mob_2U$U;Kx7t2XYp -zW90GN9LL7I568{8;kbmqa&-lc87nNd%d-|%1?#Ly-E-v+*Av(!|E7m#AN`)8pWK^1 -zntzY?IclF~1)z(S(?_E{e>U+xocGkVirDA1zqJQA=ChN3KDzOHqxR`m0J^w<*>l{g -z?@XzCuKeM83jEu>fu366a~1CyYgpX3=-Vg7kFx^M1fQvL7@yhf*{XNl#rtsHQ`d?+ -z3Jt6x9e7RncENo8opuGF3A<;QHd_C`JU)Bso-2R2o@}k54}K5X^yq~5lcnX#pLPYH -z5BttRos|2|Cf<khp1M}?+Cv8mSnjO#eI(A;@rPf5)IC@J>GY(v)!K>yF(3xSfEW-1 -zVn7Ut0Wly3#DEwO17bi7hygJm2E>3E5CdXB42S_SAO^&M7!U(uKn#chF(3xSfEW-1 -pVn7Ut0Wly3rpJK2`Txh?|LN;LKmWt?-@f?SH@|xR>#u*F{Rp+*(8>S+ - -literal 0 -HcmV?d00001 - -diff --git a/tests/tga/tga_read_rgb_rle.tga b/tests/tga/tga_read_rgb_rle.tga -new file mode 100644 -index 0000000000000000000000000000000000000000..ce845ad0c3da65205af25854d64568b1cf0921e3 -GIT binary patch -literal 9987 -zcmeI2J!~9R5Xbk<L5NgWrh*l6K@rf2A`LFK334O|$EPT_a+TuJx!kjzIGiJ2I<P>x -ziiRRbk%9(oq!dtCIspYA&6UugGcC>X|IOQdZ+$+;#>5ek&eFVnJ3DVa{%>aX?a5Je -zF>-%5qwk}eQT$4wzvw%Lr!o5$L%T1%_;U0&GrMhYD|*=1u+QBMI7bBz5GWAXUI?5o -z4)=h152)YuP~W$``}B?1quuDQ!tKvI-d*GdmoNVj?N0AU(FV5-mWdwpH55x49>GD6 -z=%BBmXlU4mV>@qJ8fX!<cQoubnZc3TbVtK}?@1Y0!9an5mD0dE28xA&sM>=CL?@={ -z0-|RLqE&j)8olUxtrw;AqBVNamHEBs60Ks5R&l9p6>VC@T4)u!Z+{g<yLY2MYn^Q1 -zd9ELFE4tU$u)n0?3plJ1J?v}PZ)msyr`8V<5?$KSu-0S-M?&o#4QoBb4;grXfdT`M -zN=c*-Fi>D%n-xb5tYDzPz)HDn9RtO}K-2&bfLTDa$ReF=%5-@43+;@(Xqh_Lqg5;e -zg}THltzs{<ie37oodrXq8PIa=9O>E>BBIs4hP5RP*Wqxy6Qz9`Y(v8pI6+HwtX$ra -zy1k}`<+7Ep?x=h3^=RRT3_QR<fq_Rg0|yu=Ft9z}zzPNm46Kv})-g~l4EUq{0-{A0 -z@uf#ui57)+Y^yj$Kb#Ty+&-!K64#`N?AC_rx07^75BGbIkyuBfFo`X6d}cobiI>AG -z_yH!{gxCD>ho1(boNM2tG;8-@MK-H=sqwzy_Dk<p<<Y;ghphqw-d=+40((iXvX>d} -zeC*AO?;PyiJI7egrh5aA*tASEv0P|sHWdv;37nkl7;GWQvslElsh1w>E)mVkrK5Wr -zvyT~j8_(=*6BF=71Iw<4W?fOstUs?=BFaQ*Da#xiBX|}K8QkJdG}zFPqlKLAcr83* -zWg<d$C_)R@Zt(9GMk4VnKb+4e=emmuJZ@>Q+HzQdV{TOj;%(7%jzp+KJSs$|sS9Fk -zi>8|_;%+MHn6)L%h}LxJYN%Lsjm=l2JEG}rgt!}vT81WTD?iXN22oo(>Q%FW$7$$! -zt&?$T0IopDHZ|A}nmLfzok8W3vju;nlA35T-r~-!Mh%-@xp^A6E=V4LfMg^hw4o2J -zZI)js`N&kV*g%#wDTZ~m<nWLi1ePizuWxAjE=soYvC=mb&tTOxu05X^q<~*Zj<9wL -zP=$-ZWz~5>cOy6~E}sky$N;c`=y|Ej2+1ZQ2f9i4w?h@e2{8NMT~!94nB@itGuLH} -zXVpo_fLn+Ny=`_6ub%qVxz9IOHOQr&m-w|E<2CfOb2=CaIW-6=RoY?8DbvigNhHcJ -zG#i_20Ls>TP|sG<1T!>Hm<6C_+a^z4YoiJ>5de05QI0M6IheVSK%5>}CEC#MwBHBI -ziIa1Wpa&iZ_r@?tJkJ5<afw}YS{54Q*|ADIR<0rq7ju0Ezq{lB$w1gObbznQZdZVC -zC{fEsk6_CHMd|PuWL7zD?Gbil$1PB(y&Zkn_I|ZCmODo!ml!;5_YN=f8&f%XLJ69i -zw+YreoXy~Iho>|{-W{nZBP!8&Q$t}P*I~(hRwZ6%$Lp+>-V88<W1vX?KTsG@4Mp7* -zP43JO--G~U!gJBc0<A+dG0?19zUEwf+}?LWRX6~j_TKxg%r*$-xiTt}Yajv!vcmP) -zqnTh(gvtWBmMHdlF_;5HXb)v)Q_z7o(;nJBIi5s&D7DGOkh+Oa-OSuJgOmf2R1I-V -zRL&L6j_DV<hr<B?9Mn_S!{H7Uhx4N2TcLZ}5FFv{ZJA>rG8_ARaUB|->lMt--ZnEI -zTJ7{U4;S{j2Ay9PTlySLkZpPkSyjD9xB@11Gqz?H&}bm6INZyXa|<usjtD%sjy+Z` -zO^{AKuWKHIUn2Ss=N8*9c5f<jyF%cp-^Zcb5%Fp{gGhMmxXnNb1>}y*$KYeSt=BT^ -z9)n8f69who6DC3I4i6#*smWsw#8aACPLFDXvaYploY`rTzv^v6%`=fZ=~tM<Gx7U2 -zGVu^u%W!94&zt&L+f3G5W^S(`9GhA$F^gxQaDFP%)PFP84q_$@7HzQb60>~+#d%*t -zf%)V_G>Dlk3}01X6V9YA0}KH#x+MuyPXYm7$4BlC*YhI}#g|)Uh0-v*i7ggcv&@^C -zjYO%ac80KpJfmhZkwXX$pH_*;t&cQIT_(xF6ht!Iic3UdT(%7ihfT|wtXWA&V1Sf; -zU3WEU`G(*m{rfc5Lu-SUf;0gW_gTQ5!wKEEk(Qj)=S2;}8FVa^9uYEg=U`?TJS&;e -zZ|IGrGhpnT4H$<N0L>R>%fn7eg+%K9in1ezX3K%Y`r6i<mRK!fyE0L3T&%#2e?}WI -zcSMQE6&v2hGddfHYR&MD28%5H1s1ZQZU%;X@Wf!oTq<&1f;-%4`%tL#0yUz{`gTy@ -x8%~Vp2_Ce5$E=Cyg!2^tf$X%_aF4$a-uv+CN7vrJ_RjTJKYsJtTUTF;{sH~|7$pDz - -literal 0 -HcmV?d00001 - --- -2.10.2 - |