From 5ab50eebd7846b79528058a1e4e83bb181416c30 Mon Sep 17 00:00:00 2001
From: Michiharu Ariza <ariza@adobe.com>
Date: Sat, 29 Feb 2020 01:32:29 -0800
Subject: [PATCH] collect_unicodes() with clamp, calling add_range()

Use add_range instead an inner loop, clamp its input number by
number of glyphs a face has.

Even the face cmap12 and 13 have 32-bit hb_codepoint_t, which is here
used to make timeout, face's maxp has 16-bit gid limitation at least for now,
using that makes sure we both fix and the timeout and don't need to change
much things here also in order to support 32-bit gids also someday.

Fixes #2204
---
 src/hb-face.cc                                |   2 +-
 src/hb-ot-cmap-table.hh                       |  30 +++++++++++-------
 .../1746cad6bc3fb2b355db50a5af37c9b58d9ad376  | Bin 0 -> 23293 bytes
 3 files changed, 19 insertions(+), 13 deletions(-)
 create mode 100644 test/fuzzing/fonts/1746cad6bc3fb2b355db50a5af37c9b58d9ad376

diff --git a/src/hb-face.cc b/src/hb-face.cc
index 0c9949fff..2da0af41f 100644
--- a/src/hb-face.cc
+++ b/src/hb-face.cc
@@ -546,7 +546,7 @@ void
 hb_face_collect_unicodes (hb_face_t *face,
 			  hb_set_t  *out)
 {
-  face->table.cmap->collect_unicodes (out);
+  face->table.cmap->collect_unicodes (out, face->get_num_glyphs ());
 }
 /**
  * hb_face_collect_variation_selectors:
diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh
index 7969aad05..ccc11643b 100644
--- a/src/hb-ot-cmap-table.hh
+++ b/src/hb-ot-cmap-table.hh
@@ -539,20 +539,26 @@ struct CmapSubtableLongSegmented
     return true;
   }
 
-  void collect_unicodes (hb_set_t *out) const
+  void collect_unicodes (hb_set_t *out, unsigned int num_glyphs) const
   {
     for (unsigned int i = 0; i < this->groups.len; i++)
     {
       hb_codepoint_t start = this->groups[i].startCharCode;
       hb_codepoint_t end = hb_min ((hb_codepoint_t) this->groups[i].endCharCode,
-				   (hb_codepoint_t) HB_UNICODE_MAX);
-      for (hb_codepoint_t codepoint = start; codepoint <= end; codepoint++)
+                                   (hb_codepoint_t) HB_UNICODE_MAX);
+      hb_codepoint_t gid = this->groups[i].glyphID;
+      if (!gid)
       {
-	hb_codepoint_t gid = T::group_get_glyph (this->groups[i], codepoint);
-	if (unlikely (!gid))
-	  continue;
-	out->add (codepoint);
+	/* Intention is: if (hb_is_same (T, CmapSubtableFormat13)) continue; */
+	if (! T::group_get_glyph (this->groups[i], end)) continue;
+	start++;
+	gid++;
       }
+      if (unlikely ((unsigned int) gid >= num_glyphs)) continue;
+      if (unlikely ((unsigned int) (gid + end - start) >= num_glyphs))
+	end = start + (hb_codepoint_t) num_glyphs - gid;
+
+      out->add_range (start, end);
     }
   }
 
@@ -1077,15 +1083,15 @@ struct CmapSubtable
     default: return false;
     }
   }
-  void collect_unicodes (hb_set_t *out) const
+  void collect_unicodes (hb_set_t *out, unsigned int num_glyphs = UINT_MAX) const
   {
     switch (u.format) {
     case  0: u.format0 .collect_unicodes (out); return;
     case  4: u.format4 .collect_unicodes (out); return;
     case  6: u.format6 .collect_unicodes (out); return;
     case 10: u.format10.collect_unicodes (out); return;
-    case 12: u.format12.collect_unicodes (out); return;
-    case 13: u.format13.collect_unicodes (out); return;
+    case 12: u.format12.collect_unicodes (out, num_glyphs); return;
+    case 13: u.format13.collect_unicodes (out, num_glyphs); return;
     case 14:
     default: return;
     }
@@ -1417,8 +1423,8 @@ struct cmap
       return get_nominal_glyph (unicode, glyph);
     }
 
-    void collect_unicodes (hb_set_t *out) const
-    { subtable->collect_unicodes (out); }
+    void collect_unicodes (hb_set_t *out, unsigned int num_glyphs) const
+    { subtable->collect_unicodes (out, num_glyphs); }
     void collect_variation_selectors (hb_set_t *out) const
     { subtable_uvs->collect_variation_selectors (out); }
     void collect_variation_unicodes (hb_codepoint_t variation_selector,
diff --git a/test/fuzzing/fonts/1746cad6bc3fb2b355db50a5af37c9b58d9ad376 b/test/fuzzing/fonts/1746cad6bc3fb2b355db50a5af37c9b58d9ad376
new file mode 100644
index 0000000000000000000000000000000000000000..8e58f0d671f4136665b0e2ebf220fd025bbe1b71
GIT binary patch
literal 23293
zcmeI)k6#qmy*KbPv%hzNUG@jNEI)SHpSaNi%a4Vv3A(Yt(j-`-)sj3BF=hzSK+p&w
z8VJUM8x<tpNHB?HW3C39Vrfz-ZKIc%O6d<R?Gr6cs-?}<hqlpj(?CF%=QHq4p5A+3
z&mYkHV)r#O?{j9pyEA9c4#PQfmT`<REo)*DR<q*1uNEQ2G0u7cOJ&J@8Gg3@yN8ig
zk97IQEgNcFcRuzj#^SFqmUwOB_HA~?X61}6UMg<?aE-9#MPF|jW48?<T`6qXTEi50
za@Mm*#|WFBd^q#(%U)+}=}N|$R#$G?@R0nYdv3?No0#${ks<%RWGmh;2WeO3mTmQt
zYitM7ml)H@H&<`maJ*^Ahxc27v~<gc`Wl^;>9KwtwzogFVaulNZ+`V|#(wk?V{%DN
z_10~V7}*)d2D=$s=c=jQR8#nPBHnLtCbn1OND->p9XB=j{q@?Ve`gZB8y>&9`z!w;
zE`M!0^;aBUt7NmJ21yCy#auiPC#jij#e8mi$>zCNnqN0R=fxZ)$8=0Km%%eBmRjU}
zz7^h!YZuq@VP4$(ugx#H2brIJ@cBmKa&q=Nvon`xXSG*Yp_pF2B2>bbVZUZ+A8J^A
zc?LHtuA_&2ZqHC|3y*~oSSW#o68P^WFgySF?7y#B$XO_Xg%VgOfrS!SD1n6%SSW#o
z5?CmKg%bEDE&;IxLV_tDlh_Kej#?`gBUfwz$;VPXmoH~ASkAR?U`snB#S_~o@ZW;C
z0&}zuiJIRsv3<^rx6dyX;#OEMwsL66I@nCMz&5fS_L9@#46@iX6CjJbTu5F97m-)O
zCFE7`TC&)XvYuQH3*<_;np^|dk?Y|`aueJ_ZiU;(?eHOTCwzq54Id*PhkMB<;Zx*(
z_%!(pe2zQ>pC?~{FOsjoSIO7l>*O2oBzX$HbsjU6^DV5Hy~UX9Z*!jtr<mV{Q(~=_
ztb@&D3v46XVJ|ry&LC&P0dhWENL~gPkypYc<W=xm@;Z1uxf~YAm2fq=2CgI5!;R!7
zxP{ybw~^c7L*!2Q2)P?RMm`Srl25{?$o=qX@)`IXc?dpFz5rh&UxF`_ufSKy*Wl~q
z8}KA~3Kq*Br7yM(@{0L<UI}Z-I@nCMz&5fS_L9@#400wMAm_t{<YjOXc_myzUInie
zU9x(03BJfp_&VF~yz4Ie?|%M<AK7oArSs=St4i*>%wKI{EKWQHAeG_Yym!q7e2<SK
zJ=e6$lDPGZ#U2#bi%qlre@(4pOoN#Drdi!5@<wd`EYfpLv&*&xJF&hW>0z-cmOX@B
zVeH$O<YH5-{IS$jydKJeg~g`W*&}G$WU+rj+K#ti>>;t-q-ZMTIQc_QY}xXpsN1Ks
zZ0c!ls*#^+luTKqGx0H!)Na=H+;j8u7)1(W-}xl=)fxHpPd+P>eU_~K06DUI^q<+|
z*(R~!Rf1+!1yeB%i$#-bJTtHamdKKsjX9W`rL)`Emsl3dVF4Cox1%ZbPIedjD!ZGN
zuu`@Lr^ox*gKPu#PGD7R3#(yU*>?6MnxPw6GuzEt*>h|^JHQUIL#&Iv%(~fY>|fa%
zIPPB7$KGcB?1$_f_HXPgJI99EFW3e4YxX|-EgE$%voZD&yT<;^K4yPopRh?b&2Hg*
zD&gduii_d2oSrjr7A}cP<<hu^xJQI6!7pSBIYO?GCj^9ip+LyW6tc2}EWePIEo9{g
zS-C=1o{$v~vhszj0>Pgt_z~k5{Mmv(NATwg{yf1S5d8Uqzd*>&6tc5~Y`kQ)kewrB
z=L*?*LUusN&KI%^gq%zvCrilj3psel93dxH$jK9O0zyu{kW(P!W(v7kLatxP%@%U8
zL%Bk3o{$?5a`T1U0wFI`$jcJ){6b!~ke4ImVSn?4ynv9GFXR;nflMKgB?SCJAX^CJ
z2!UK7fWrw0fqWrQAmnEX`B_4~U&zlE@^f&A`ME-Vo{*2@%@^_ugn~?=AWJCl3kBIi
z0oLaV1$jb2Kqx?Q6x>-|^JMKKLghAl`o=|ee`coNzWkx;icR+Wp4_@^)0VCFuRgZ1
zy0)gecEh$!4}HnLeDh{|skr%8d+DaFn`*ZsbH3)G>a|p`hs5e5N5#=G6SJbixY#08
zmTdfuyq$$u5h}^o**8!@%GoAVj%v0I72|2P3zcFY>p+EgiM@)-aDtsgMHpbGQ3-y^
zeu)ZjiG7F<|0??nKKM`B3_f%jr^W|v<Pz~=JGpdj3Fqem+){2icNh0HZWXtNE92IS
zm4JJU+sf5*JGo}Ah1<&=;9lSkbKTtQTo2dFy~X{2dxv|M8{&S!jc^ya54b;Y|IYoH
zyTSe4r}nAi?CLae<`8F2apn?dZgJ)jXI^oZF3uLI<I>c2afXOAF(OTjNE0K{#E3L8
zB2A1)6C={Z2!|Nq5F;F7ghPyQh!GAk!XZXD#0ZBN;SeL7VuVwSaEcL5F~TWEIK>F3
z7~vEnoMMDijBtq&E-}I-M!3WXml)v^BV1yHON?-d5iT*pEk?M-2)7vF79-qZgj<Yo
zixF-y!YxL)#R!iW;SnP|VuVMG@Q4u}F~TE8c*F>g7~v5kykdk`jPQyPUNOQeMtH>t
zuNdJKBfMgSSByv(Bhtl)bTJ}bj7S$F(#42$F(O@zNEaj0#fU{>#3C_bkr=T^j94T_
zED|FYi4lv$h(%(=A~B-&=x6SuGc89aS9A^@oq6G?e6siG&3BLf`e^Y{#eZF={D13I
zC)8IoCt_l*w8zBaT&g;2oSU0IFffhyjd+Hg;1aku`DOe$$sLmCrE6tcnQ_wn*%H(8
z^6Hu3?q$!+=(=ZWCezm|n@)bOqc7>e^ZVP{Y!}Y;_3WG2d#e5WE#H53?3<HYvirAo
zKDM{IqcOazW%sjB?Rl#8>0QdnxNn;Na#znxc!&Mz#T&jnBl-5)!&?TQ`oW`r4NsmJ
zKi_%q<vm?(d-v|c^Tj=#dtN}q&YLqP&E%b*Ei&z$dGx@{qnNjC__zK0-U?4{-aT0r
zo_w_FI~$&R_F?7ZZ*MKamd>efn||`@P~Xq?|F(U<@6r1UXH+xYtD9$*?%Djpmi8AP
zZx?oMeMZ<({p911zj9-EGGS8wvhqZG&#n{UlO4~!UHO7?=J3o-)9JI5i$>m_;lCZY
zV`j~a?Awdpcx<BW>cMAU48M3#Ipv-?ZPI)^^{Hw2#h>o@*&gMqk-hs~wQa4c-}J<$
zyqQIJ%q*&(S>E>W_gfCV`O0L$|DJUJe$w&g*`q`6_IAIv^NmOMD0e?lw(I_+75i3p
zeWhXJ&co~8dR{q|cPj(C|MqA3rtCuw@3Xn#ZO=S@@QH)lpWoJ5cVO4^&mR2Nh8>$9
z-(I>o|E-zSKRt4^`L(D1b?-;}c7N+vKTw|Q`_`mv*L!<jd-~PpS9cwGvTMiTXFHnP
zn)mN-$MeAVFK-`f{b=`*hUa&h*}<mgpWdr%yva=a_UsGq4<Bmj3?JO}`jefT4phJ9
zDqk`abJ*DxnzaA!_dVZ!b<f)!ue7|f|D_J)iOF@QefKxtU-j^oNAiBQ>#e4De>0i<
zt8LG>KEJzT_rA?-oA+%|PTqI3-K3e)ex@~j^YHyg*B+R;J@V+x^B*k!Md4Fzf7zov
za8Rr&-QBMoKK#=2#cjpA?`f%OUbAuMSGV0hu;$3d&iZejtp7nne?$LMJxy;OI<fCR
z4m>wm+VWFnxc6Il?uoR#)*9)2r{Tye@3bFo>1=+!>xJhcb%&LA22A@NX{&6nY^`s3
zYWK7CPdrh#ef!S6JD=OJ_Z#m$@{^Y@w|95F^e-=WcXS_qwe_uUeYgI5JC)%*d&1#8
zJNNHsZrQGUdUDOpA7aN_pEGIj6%a2~SVr7C!*d<QoNTU(c8B|96V|ZbR;7=zgxUR4
zKmR=>zvw8IeZVdLpYg;|;rLZ&u^bYQioGiP@?5DP<BJC_f>medI<;fCPq<HTb>p8~
zG8n>js#-3Q%QQSMMT}UcUp&yM{S{n^actxKdx-NZh1}e~ovO1)Eyq)Q$l1LpUrwsR
zwpOI)&9gY9<}LY$eCa<}#*Dc3o8Lx0moMPjt{PW&S!_M7OxLrAk$Mb&(z9?KxCvK(
zPq59n4y?r={7sl|Wsl6Q&%y;k=G?yU;;TVMEX9AIbN=%`&1~cB+$H+_oQb{s{Q9{Z
z#+Snaxe~4>*T8k;dbp9?1h<e|;WlzRe29#TasCLo8$L$H1wP+PJ_(;9<HDUkO+Evk
zBM-sn$rs>@<V)~n@)h_h`5Jtkd;^{&Pr>xhk=XnoQOxH{l(3epgUw_MY$MxYFF75~
zAZNk>az0#0UIrJDSHdOaRq$H!I(R*~92Urxa5cFGt|QmOjpQb{h1?3ak=x-z<WBeq
zxf?!4J`VSiPr|3j{qSk>8TcG|2tH4~0AD0uf-jS=z*ouF;OpcY@FaN(rt%lRZ&Jm4
zzElZo$vW6fw!k*B9rlvb;S6#n93bbzh2&*$5qTwCLS6;0C9i|mlgnX&TnSf`Yv4L^
zJ={ocf?LR~a2vTDK1A+>kC40JW8~v-FZm>Virf#MCZB=Nk%!>(<O}dc@+J5(`3iiM
zd=0)%z5!2?r(i07u?bG5n9r9fVJ%q)o5>c~Mz+IVaypzr&V&Qxe7KOj3@#$CgiFY)
z;I-s+@OpANERZYVYH|%+N3Mq($xUzzxfO0Bx5J0Xo$wKIH++nI9PTBbgin$C;nU<Z
z@Hz4je4cy(zDT|VUnXCHuad99*U2~FN%9m-<&Rs`m|QWRFIU1^vJN(rEwGJjhrQ%<
zID?!C2gvzwA$b{GL|zG(kXONL$?M?t<Z@UbSHjig8n}*J4>yvV;1+T#+(vGP50N|J
zBjj%Q82LEdOFjvoBKO0m$!Fkm<RSPx`2u{Ad<nixz5-t*UxTlcZ@`n}DVWM%!5C90
z=JORwSWDKyX0ipgk?pXToDOG@GvNR^A1)*>gNw*3;S%yHcrAGyyq;VR3*<_;np^|d
zk?Y|`aueJ_ZiU;(?eHOTCwzq54Id*PhkMB<;Zx*(_%!(pe2zQ>pC?~{FOo08m&sS)
ztK@6&b@B~(k~{@d`70UP<Q4PzN+gt8vJN(rEwGJjhrQ%<ID?!C2gvzwA$b{GL|zG(
zkXONL$?M?t<Z@UbSHjig8n}*J4>yvV;1+T#+(vGP50N|JBjj%Q82LEdOFjvoBKO0m
z$!Fkm<RSPx`2u{Ad<nixz5-t*UxTlcZ@`n}DVWM%#c=Vgn9o-!VJ%q)o5>c~Mz+IV
zaypzr&V&Qxe7KOj3@#$CgiFY);I-s+@OpANERZYVYH|%+N3Mq($xUzzxfO0Bx5J0X
zo$wKIH++nI9PTBbgin$C;nU<Z@Hz4je4cy(zDT|VUnXCHuad99*U2~FN%9m-<u6{H
zs}=M4Y9*{C>tHk40^7)T*h@}_Gsu~6fSeB(l9$0n<dtv<c@?~tybfMZE{6qjC0tFe
zf$PZia3i@1ZXvhAZRB?N5V;dRLhgo-k&nZ@<dg6zazA{Ud<H&89)i!4FTfYcm*C6f
zEAUnFHTXLD20Tfgf~ov93>^iE`FxEM){=FwnQVb=WIOC7r^6ZKOgKQ!hYQKe;3D!$
zxP-h4UQ1pFuP2wo0=W{dCfC4q<a)S~+yu9fTj4fxJA8=T2_GSM!^g<S;a>7d_!PMx
zK21IYpCb>!=gAk~i{wl2W%3pHD)}0GoqPkHBu~Lq{$jUojAA}NMhR=lI@nCMz&5fS
z_L9@#400wMAm_t{<YjOXc_myzUIniuuY=c<%VB|B30ISA;5u?W+(>SMTga_&8@U}m
zMDB!-kh|ey<l}HJ`6PUb+z+27pMlSjhv4(%3-CqqCHOM=3VfA(4Zcpk0Z)>rU@HGu
zhK?`Ae7@Kr7ON%eU^CeQ+sJm<OHPL~$eD0}oDUb0m%&Bkm2e4p6}*<b4qi_#hXrya
zTurWl>&W$RBe@A~A-BS9<aYQFxf4D@?uL(%kHfv>lkh2WKYW^e20lj~g3psLz!%Av
z;LGGI@Ky3P_&WIpJV~B{XXhQq(DA7tD`72J2b;+j*haR)UUE8|LC%B&<b1f0ybLZP
zuY^m;tKhZdb?|y}IV_MX;c9XXTt}{l8_7*@3%M0;Be%nc$er*JayNX8d>rm2pM+15
z`{C2%Gw?a`5PY6|0lrAS1Yag!fv=LU!Pm(*;7RfnO!XfFUzk=gpRZNITCxr{lP$1~
zY=^z%bU1^Y2?xmea3OgaTtr?8mylP%Ysu^2_2hC`AXmcG<Qlk+Tn{&ro8T65E8IqI
zhYyiE;Una3_!#*(+)F+QpCb3er^#pFbL1iTJoy5Ak$efhOuhnNC0~QDlW)M2<SCfS
zU&k<BN->|WQ^Hy@R_M%R3v46XVJ|ry&LC&P0dhWENL~gPkypYc<W=xm@;Z1uxf~YA
zm2fq=2CgI5!;R!7xP{ybw~^c7L*!2Q2)P?RMm`Srl25{?$o=qX@)`IXc?dpFz5rh&
zUxF`_ufSKy*Wl~q8}KA~3Z5_jW!kvd7>!z`RLEsg3D2>`=8UCF7K>B7zCfIrG1r-I
zAwy^WWN!Z9-26A<{1&E9Fnx&WH%k_uU9$MhlErM98g0)U$MX^iODM!6VaazhSwH8p
z?B0j&yZMJWIFI?zx*bIKburqt%UA_Eu4`EX?qvw0%esq2SP$-77+{0ATVaHaqMLf0
zO|WT>M+dc@vvLm3hpy=$7vhS!QgljJa8+C_*MRQmFxSC#aS?Px_i+Q<AUBLI=uvKr
z8|NmtX`biRyq>r64&KN6`5+(Si}_N%jIZFU_*%Y!Z^nSP4!(<z@I8DVKfn+2!~6(8
z%8&8m`~*KO;U#K`USgFvBtD5>5|o4_#gbA<nWREeC8?D(NSY;KNr$9M5|Q*s`XmFA
zLCLUWL^3KFlZ;CyB-2t}s+Q`dR;fekllrAWX-HZuEtQr@E2LG@T4{r{SsIphNV}vF
zX^*r|Iv^dC4ogR*qtY?yxO74~E#qZsnO<g<Ib=SWUlx>wWW};lS(&UtRwb*IHOQJ}
zVOfW)OBRv!$ogahvO(FfY(zFH8<UO8CS=ocUapqw<yN^v?vwlFL3v1CEH9Op$t&bl
z@>+R=yjdQWcgVZs5qXciPd*?Yln={C<fHO2`M7*SKCR#tYK2~5RX7wrg<la=gcQY!
zQbn1fLQ$otRWvA?6=6k(qDv7`^eFli1ByY#uwq0psu)v@D<%}vN?xf}>XlZdL+Mlc
zl|f}lS*$EomMJTgRmxgrgR)r}R(2@6lo4f*vQIgn98?Y~N0g(=G3B^&LOHGCRce)9
zWmP#;K9ye;RE1Q<s!~;%szOzzs#P_pnpI&{hpI~zQT3?$R0FC()v#(rHL4m@jjJY9
z(`sI=R_oPP^j!PYesxeCQWvXB)n)1mb(OkS-Jot(ht(bGE_FoRqwZ4=s0Y=<>Jjy*
zdQ3g8o={I~c#T@4*H|?UjZfp(1T`T|v8Gg0rm4_WX=*hMnr2N{)1m3oL^M5`KFxq;
zP&2F<(Tr-wG~=2H&2$VOqmI$XSYsS9z8HT@FeVgJ98(%o7E=*Z6;m725YrqJj_HW$
ziiyPZ#Pr1s#0<s^$Be{`#*D>`$4tab$MUi2SbeND))DKA^~VNdL$SrNrLkqP6|q&Z
zwXqGc&9ULwj@Yi)NNi7RU+h5aVC-=0NbG3rSnPQ0MC^1NAE%Df$64bXalSZzTre&a
zR~%OwR~A<hR~1(q*AUkn7mn+Q>xzrS^~CkX4a5z`4abedjmC||jmJ&IO>23rTC3Mu
zwGORM>(>UgA#Jg?R9mL4&{k<{wGG;4ZCKl(?b1fHJ=#9)fOb$jtR2ygYR9zW+6nEn
zj@PMmdYx70(D`(JT~HU&73)fMWx5Jom9AFTpljBJbsf4cT}0QT>(dSB26e-_5#6Y6
zOgFBZ&`rnl@#=Veyfxkt?~C`x2jfHW#qp)_W$_j9Rq?g)4e`zK;rNdDuJ}lNPkdke
zK>T3*aQsO8X#80Gc>F~Cw4T?i^?JQk@6h}7etl3M(iiJX^=0}BeU-je-=J^ShxHx$
zE`3DbqwmuX=m+(~`Vsx8eoQ~EpU_Vmc!S!YH&_i0gU{eM1PviWv7yvZW~eY!8EOp;
zhGs+9&|&B@L<~KKKEr@v&@gNmF^n3<4C96g!?ck%s*QT1)#xz#jDBO#7%~<cOO0j5
z3S*VA*4SWdHinHI#x7&T*kkN74j2cG!^RQgsBz3VZk#Yqn|PDjq&Hbj4wKL1Hw8^0
zQ?aSkRA#C$Rheo{4W?#O*wkU_GDS>1rasevY0xxm8ZnKU#!Ta;3Da}}pP)|ACs-34
z3BCk>LNFneP@GVjP?k`UP?b=d(2&ra5Kibw=t_tr^d$5p3?vLD3@3~vj3$gFj3-Pa
zOq+SL+N?KQ%?`8A>^BF^A#<_0)Ldq+Fjtvt%?;*ebJ*Nr?lMQrJ?1|1fO*h7Y#uR>
zn#auJ<_Yt(g}10JdW+TKu=p%~OVARs6kAFyWtIv{m8I6wU}?65EghCFOT^M+>9Y)2
z1}(#u5zDA$%rb77uuLcNiRwgsqBYTx=u7k`1`|Vx#fhbfWr-DuRf)BU4T;T(;lz%_
zuEa=UPhwx<K;mHHaN<bfXyRDnc;ZCjw3WB2t$M4~>ahB(erwPgvKCuQt!35<Yn8Ru
z+F)(AhOHgeE^EZvW9_pJSO=}c))DKdb<8?$ov=<P@k#0=eUdfFk>pGACk2y2NySN}
zNo7eDNmWU;NexNON#Uf9q^_h$QcqG}(m>K+(s0s9(rD6H(s<HD(sVMPtWMS^Taz8h
zzGQ!LFgcW5oLrh*mRylsm0X+LkldUcPVPwVN{%G=B=;o`Bo8JJCyykLCXXeLCr>0#
zr|>E26n%;{#gXDm@uvh+LMg>5r72}86)9CIwJ8lL%_-rOj+CyHNJ>viU&=trV9IdH
zNXlr+Sju?HM9Oq3pQ=vPr&?1TslHTyYA`jFTAW&%T9#UoT9sOx+K}3u8cyv<?MjWL
z_N4Zu4x|pI4yTT!j;4;Kj;BtfPTP2!+NQTzZ4R5y=C=iHAzQJn)K+GzuvOV=Z4I_&
zTiDiN>#{{`J+?mEfNjt=Y#XtS+Qw|-wh7y`owuv)db`!`u>0(Od(a-T7u!qiW%det
zmA%&9U~jgE?H%?md&J&j@3Rls2kpc55&Nip%sy_PuurG)xD!mDW=(UX`O^Gp!L(3X
zaaw6wSz1L}Ra$LYLt1lMIISbCD=m`Nlh&6ukT#e$oHmj+nl_d;o;Hy-?ci}snBHM^
zI2=BQ-w||#9L0`ON13C-QRS$0G&q_aVMm9f%Mo$(IQkp|jzPz;W5hA)7;}s}CLGgF
z9`}anomQvA>2vy>L1)NW>@0PbIV+r1&RS=Kv)LJTb~wA75oeFH&pF^6bPhX5oTJV$
z=eTpiIql+clbGIRbvax<m){k1g<Qq1QdgO)!d2y}bv3w}U13*;tIHK}^|<<61Fk{W
zuxrFM>Kb#6yCz)IZXS1w>D^Yh!|ikX-9dNAUF<G(m$@t4Rqk4MgS*)sc6YeD+!1$=
zyU#t~9&``8N8F?CG55H8!aeQbaod>QWA!*ZK9AoM^n^Uco>EVlr@~X^sr58?nmu7p
zho{RE@$`85JOiFV&#-62GwK=hjC&?L(_S9;kLkTuufyx}`n^GK$Xo0!^_F=nKEJlZ
zGV8zGMzN5dyCLI?5?Uyah4T2KGAw*w7S0z7=S%U1wJ#nE=f{Qf;}?|y_-C&V{{s%;
zpZz0P*#Cu7%KxNO%KxuEi+@MsSQBpjE-zZ~mAmeZ+h)VK#8v2Xye1B|oQ%GRPWK<>
z<G1j-i|$(!D(tqmF?JPw2p`spgD=1L;f_afF;a<FnHzk$yffoE?w9)$(nr7e-8}Z4
z6-dwhZl3Shy-RREg@v)UF>!FFhE+a|b$`J$_q%zPce(rVdM>2r24{Z#E5G;@Y4l~t
zlEvT6`*TEl0QZBn;-2hwaj+)$Fh;5|ZY8##``tX#8`(&|coXTriGwvm^)F$6y3n6t
z`1)Lh=47_xOW%sl4Sx`C;lSgUci-p|m%q_13Po2>?bT#z#NU%r{p0WCX_w9{Mb?j_
zt7oj5%>Vq=!21`8IhcnqRPzB$VyWUm3-Puc@gc=4N~OEze=iSB?%6mB+5A#|ne|J*
zi?l|@OJ&lzp#}E2pwDMTB_%}|T40y|e12cFOQmPAZn?N#ofP*t7Ixg6o6QbzVmC3H
zy_d0QKTU7Xr^OzfS(HCNf_!{NpKtSdzL+-`^EUq)JI^PxDV4zLR8O-ye4;_wEDOq~
zSdf2s_9*}Fvxk*eSx|W&@(WnHd>Z+GVtJ|`WBX0m{vr!X%2~SVF8G&-`zZ^mo@900
zIJ?fNXCvHpOp4iv<jvWSl!wu+GlleP(be2b(bfE)XOHvSXaALdYW6)odG<Z|7z;{o
z!|Ru`54k_h9v3HGHv1lzjF@Ze%iIrHx-5kSxj~lB=SFAe@|R&fO?>0*arTYbquedz
z{SB|V9aHt}c}Xm$a+ZbnJJ0=W_5=oF1f_$sA90b{9IxEz@E9b4KYH)DZS|(w-spR8
z8B@OE*!-7vzHm)w<5d11_}2@+wzI7F;LoCOzv)QHSz38wQ;cTOYRSbZ)$j00XU%Mq
z|5A~Qp&E<OadjK&g2UsL^ClxpvonL47Z>q5&g1cV^V0kYCZk-DkUh8L3=&Cs$?l>b
z9_7A_@w5)^^;Zh}Zv7$JAH5QNi5v7h@+FO*i+Qv$^X~N5Ev}O2yZ>?z|J~e`d!iSI
zK92qwBX9ls=<QJ_I=DQ%n|mR9oys_J|H`a20n2T!!n>u<ev&DBU%aLJeALZ9Dm#o}
z#YT)0O~6%?!;_nnmu(N^;c1pD@RV{AiFn-HilAC5ZMaPzW7I5(j&TqDs!%-UGZ{5+
zzZrLX?b+K#$7P47!rXg!-4mZ(=N^)cvJ{reY^amWFkhOvIe|dl+#!muES9e~Cy<vX
zF-U$T|I)q7H+pVgyn55)Z!EE=`OO+V-;$ScSLz$wkCSw1YYUc^>?nKdm5*;O4=hj9
zXx-=6JSlzP6O%k1LjzcF=8v)`q%Cu$ycp$d7E2jr>B`H^@pwHrCcJOJZ<5QAZAMAs
z%jI<NxjA~yz_sMn*8O4lWzO_g)@oseJ45TWNi}O8c;evA=zAxAdh-P5^YNeB2BX7=
z-yYq4=}uRH>$dV0E1!CC372GFo)}!=$$t1>qK`%2`3{%%(XYAx!#7SoAl|P1QS^SP
zM_PsPxAFL0PqBoVd9HL_F1J}OS16<kxk@5cCA^FQv<+OcN^!60;H@9*P2<nql1Y9Y
zedWQ}SnvBk`O$iP$}U^RJ2&r;4$Zs}y`O&>ul?Ti%Ur#zgPEBH!@;dANi1QH*APg+
zu_-<;+qt7Q7$jVYJ-tSslYe`jPo_1;8jOkzyKi<!^ru|G-J1%y<%;~HB~Kqb@T4c?
zvKt-x_Q#|L|E`fcq|f1#{P<>s(@FnGM_>|<0WX_}>LJz-IlA`ba)ZPmGwVIK$)v%8
zbd^GC|9bpgzffe|W6~}vY1y}B--b9}$)afUp42>9=HzL~Rq-syZsqcK$iIO-PoAqK
zj5EgZs1I{5p8KC`i^Rb3cN9LpR&PjB6yMMJR@{k-vgE!En+MCHKK?@0`#;Vy>SS`y
zsRvE^)YVHvD|eRl@YA1O=6@#E@kn%^>>E<c7iGl)ewSDq=4!VT)j+Hsd4WIzs>0DJ
z-tps&x92FluEGbRpGBn~uGx^Ep>US*ce`$V`QzWbvF;9oVc+e>`~LiQ9pave)g(%M
z(@$_)@tGWtzAAfP{Sj(=8V2V(G2U9Nhv+7kE8=*C1f8f(6dh`RUS5389TFB$Nn~gB
znw;mNGw+|t%F#=c;&%Uh$GXSw{$HE3%!^xJ;1hP<G^2-oMRcFasLJ1c{CE97yzRl2
z1<~H`M;m|g#Kz6vc$eeyBhA-Oa34PQDX-+Ep{NnJNw2;2C&^=qJL$Wy1Vg+s#6ezj
z`y%H|^Ity{_58lz`{8uVeHZ78UMv{{=QePh<N<xE$NzEk5szzY`^~f1u?_nxAKbJ>
zF7ar+`ka?9y}#$_!dqVMnLkGBqQ8}QDxSG_`L$@5Li5}c{}KHW_V1ox;n&OVNl)Q3
z^73Aq7(CmwgY$m+sz&}x?%~fq6mKYgFZyqiVr3!D5cB89#cY0W#eJ1X<cd7nSLv=_
z*L?NPd-m<QE&A7u<$cenLhr7AHYr9E8{&4~o%hx$;cqvE=r5&-+}1YPY~0<^3(>LP
ze6YXep8T&5{iMXaM7>15Xww@HVtBf8`2Cx_!~ch83O9UBer)v9*A@Tg#rf06Bl0`s
zuYK{cIT+3i0W+OL^#7$gnsg{l)X0DS|1q<0AnYF=3+aEJ^7u>i+J+6mZP7pc9v>iA
G`F{b+{I4tk

literal 0
HcmV?d00001