From d4d92aec609b8066e0912ed6f980739a671b5ddf Mon Sep 17 00:00:00 2001
From: "Matteo Franci a.k.a. Fugerit" <m@fugerit.org>
Date: Tue, 19 Nov 2024 17:12:15 +0100
Subject: [PATCH] Fix image validation #262

---
 .../doc/val/core/basic/ImageValidator.java    |  26 +++++++-----------
 .../java/doc/val/p7m/P7MContentValidator.java |   8 ++++--
 .../doc/val/p7m/TestP7MContentValidator.java  |   5 ++++
 .../test/resources/sample/docx_as_docx.docx   | Bin 0 -> 11751 bytes
 4 files changed, 21 insertions(+), 18 deletions(-)
 create mode 100644 fj-doc-val-p7m/src/test/resources/sample/docx_as_docx.docx

diff --git a/fj-doc-val-core/src/main/java/org/fugerit/java/doc/val/core/basic/ImageValidator.java b/fj-doc-val-core/src/main/java/org/fugerit/java/doc/val/core/basic/ImageValidator.java
index baf08b145..5b5ff8aaf 100644
--- a/fj-doc-val-core/src/main/java/org/fugerit/java/doc/val/core/basic/ImageValidator.java
+++ b/fj-doc-val-core/src/main/java/org/fugerit/java/doc/val/core/basic/ImageValidator.java
@@ -1,6 +1,5 @@
 package org.fugerit.java.doc.val.core.basic;
 
-import java.io.IOException;
 import java.io.InputStream;
 import java.util.Collections;
 import java.util.Iterator;
@@ -11,7 +10,6 @@
 import javax.imageio.stream.ImageInputStream;
 
 import org.fugerit.java.core.lang.helpers.JavaVersionHelper;
-import org.fugerit.java.core.util.result.Result;
 import org.fugerit.java.doc.val.core.DocTypeValidationResult;
 import org.fugerit.java.doc.val.core.DocTypeValidator;
 
@@ -54,23 +52,19 @@ public static boolean javaVersionSupportHelper( int javaMajorVersionFound, int j
 	private int javaMajorVersionRequired;
 	
 	@Override
-	public DocTypeValidationResult validate(InputStream is) throws IOException {
-		DocTypeValidationResult result = DocTypeValidationResult.newFail();
+	public DocTypeValidationResult validate(InputStream is) {
 		try ( ImageInputStream iis = ImageIO.createImageInputStream( is ) ) {
 			Iterator<ImageReader> readers = ImageIO.getImageReadersByFormatName( this.format );
-			while (readers.hasNext()) {
-			    try {        
-			        ImageReader reader = readers.next();
-			        reader.setInput(iis);
-			        reader.read(0);
-			        result.setResultCode( Result.RESULT_CODE_OK );
-			        break;
-			    } catch (IOException exp) {
-			    	log.debug( "checkImage {}", exp.getMessage() );
-			    }
-			}			
+			if (readers.hasNext()) {
+				ImageReader reader = readers.next();
+				reader.setInput(iis);
+				reader.read(0);
+				return DocTypeValidationResult.newOk();
+			}
+		}  catch (Exception exp) {
+			log.debug( "checkImage (v2) {}", exp.getMessage() );
 		}
-		return result;
+		return DocTypeValidationResult.newFail();
 	}
 
 	protected ImageValidator(String mimeType, Set<String> supportedExtensions, String format, int javaMajorVersionRequired) {
diff --git a/fj-doc-val-p7m/src/main/java/org/fugerit/java/doc/val/p7m/P7MContentValidator.java b/fj-doc-val-p7m/src/main/java/org/fugerit/java/doc/val/p7m/P7MContentValidator.java
index 60922b0d7..dd9f0c80b 100644
--- a/fj-doc-val-p7m/src/main/java/org/fugerit/java/doc/val/p7m/P7MContentValidator.java
+++ b/fj-doc-val-p7m/src/main/java/org/fugerit/java/doc/val/p7m/P7MContentValidator.java
@@ -3,6 +3,8 @@
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
 
+import lombok.extern.slf4j.Slf4j;
+import org.bouncycastle.cms.CMSException;
 import org.fugerit.java.core.cfg.ConfigRuntimeException;
 import org.fugerit.java.core.function.SafeFunction;
 import org.fugerit.java.doc.val.core.DocTypeValidationResult;
@@ -13,6 +15,7 @@
 import lombok.Getter;
 import lombok.Setter;
 
+@Slf4j
 public class P7MContentValidator extends AbstractDocTypeValidator {
 
 	public static final boolean DEFAULT_PROCEED_ON_INNTER_CHECK = Boolean.FALSE;
@@ -51,10 +54,11 @@ public String checkInnerType(InputStream is ) {
 					} else {
 						throw new ConfigRuntimeException( "Content not valid for this validator facade!" );
 					}
-				} else {
-					return null;
 				}
+			} catch (CMSException e) {
+				log.warn( String.format( "Error on inner check : %s", e ) );
 			}
+			return null;
 		} );
 	}
 	
diff --git a/fj-doc-val-p7m/src/test/java/test/org/fugerit/java/doc/val/p7m/TestP7MContentValidator.java b/fj-doc-val-p7m/src/test/java/test/org/fugerit/java/doc/val/p7m/TestP7MContentValidator.java
index 9ce7090ba..938059d6a 100644
--- a/fj-doc-val-p7m/src/test/java/test/org/fugerit/java/doc/val/p7m/TestP7MContentValidator.java
+++ b/fj-doc-val-p7m/src/test/java/test/org/fugerit/java/doc/val/p7m/TestP7MContentValidator.java
@@ -63,6 +63,11 @@ public void testP7MAsP7MKo() {
 		Assert.assertTrue( ok );
 	}
 
+	@Test
+	public void testKO() {
+		Assert.assertNull( this.worker( CONTENT_JPG_PROCEED, "docx_as_docx.docx" ) );
+	}
+
 	@Test
 	public void testProccedKo() {
 		Assert.assertNull( this.worker( CONTENT_JPG_PROCEED,  FILENAME_PDF_AS_P7M ) );
diff --git a/fj-doc-val-p7m/src/test/resources/sample/docx_as_docx.docx b/fj-doc-val-p7m/src/test/resources/sample/docx_as_docx.docx
new file mode 100644
index 0000000000000000000000000000000000000000..4db2f89f849db7732140bcebc28ef5006cf5abd9
GIT binary patch
literal 11751
zcmeHtWm{dzw)IAWy9FnBaCdi2aDoJPg1ZC@65QQk;~FGDaCdiicXzoveNNv_r_cNT
zfqT}6_3X8)##~kP%u%!ESW{jG0uloN1%Lqn0K|ZmoN)^cFaY4qD*yl;00XWmVr}JM
zWaXfv>}q3VuSM@-Y4Ii-68vo@036i+zt{ia6{wCKuxe*S5xa@IM~<ph(cjH3q6QD)
zkEc`IgT{6TSAB}^X?$)*2Uk!5i-NNtA!oT+W>M|-9h*<KfJOc8On&g1FWx6c+l+%|
zZf29t%MgcREtYXvsE^&-g0-;;N0uFok@R~<^pFyqTq-ct7gOyP5KbKzp-Sc!#zN@#
zh{dvc)3gkcuuN`4CHEZ~4@o-{4L+uFhRwrDk_6ju&VEA8Bu>^(w;Cg8|MT8tM(pPV
z`AEA3UweYna9nJGMEMWl(1#904y+0^z1<{v&U%F*<)4*5y8if<L;HRKfAvx&m%RFZ
zo=%hjENXZ$IlELXYbpKZEp%QOSR=34#sUE{Rn#gjfM@5uAEvB8x%k;YBYIBuVo)M(
z9k2MOCD<rah%DFZk?q;})Zm<9+e<Jr;D$i=a=At6u-PhrX>Y<yD@AhJWCZ%kGE<PC
zcYEQ%@)iOBczJ;U$p4L!gi*M)Cm=t24`LiVh>|*XMi%xA^gr+arQ-i#{{1rblIS+`
z4n_pQ6W=G_u_lH2Hf-Q~27}QB>^W!{O(|LQg<12N=O^CTS#YgAJ&A$wiI`D0`&4nq
z)mW`l+;|nl;3nAVJM9k5hej7boPT33lgqTtIzr0!weeFwsT5VeZ-_c(@CYtc)NNqm
zP%HWtwdnO$KD-$T)ySj)SrstdR%PZU(UT=JiD_!uTvF2=x`<D#Ie?&k7{?RNSfC<-
zg)TCpeYsMrQ+Yq8jycSn>WUWEf{}qdHA=q(4)?TiY~KyolHV2NPYas`8^rMN+4v)x
z#`8|_HjV)M39)*$&YCq|s+Q0NC@}q#AJc|a3YVb8U;?oR9{>a9Y;9-A@Gp`WS{pc8
zf}+>Yu=OWlz(BDJWat0(RT4b_av0Fw?f>kX=t0NhAuqgXAx*q6{R9vr6eysD9lBg=
zDVLNw7}c#mwJS@sAMs{i7-<W34xMz*&+N5B*$pjspP_asBrHD`LizOJ(*XfBc9gEB
zwzft3sQG)D$txexY)-{drmx>)4Y~1IjrcQV7{Vfaw^_SYp)9o>L+s*qoSEO_$fq-Q
zm8qgQU$F(6Bis_zSSK&9`f^x9aPun>3)sAb4(@SEs}X1#zKUU#5slmtQ<VuGB?>WM
z&X=bxY6W%`w(6x9w`f(SPtZTt5Otq?OSG?3AI~}qr)jE1kI2}4ODxClb_Y7j{L^c^
z6!V2#K|87?Gys4Ka)v*==2w5oi5s$7U_|gffw)ErI4(V8mC_=W@+s3A>+sH=8}=m`
zs6jb^jz;5fzgMUv$fuJh8|q>gJ13=*zC65EnH-D98Hh^-ZZeCb#wc%njJLnsxfuz;
z5SvC#iqVi_m*6oTJ6eCJRgc*Uwt|eI2luO12kzmk4DTTr$k0#(HesaV8mX+&7ow?Q
zzRE}7=-+g~ptQXm7gsQ*>wFN}j8~gn+dZ(YUW|lF<+BMj6ALvchaly`VQ%B#^gu=<
zl2J;QlE><YSr=p_$LcKMxCgIG=4@VPbLJ83o*)Enn;IBS6VqQ8x+Ijm%XPmZ+)k`3
z9q^b5M?u9?6+x1o4?cKG4=x`URKJQmG7+;7TUub_#>sGgbG%T7&}uM#qCvIKelZdx
z^;uMcSO3IT7S7t>ItiwI3*}Zu)Bf9!zD?HFT?k$CIkP~iudPm$0mWmx=Z*9NxZlSh
z!ZIY>qYwB7MvBqZmdv<#+pZf8<1xo<;$97<OBW)jPer0$@_)G&%Yuk%AvXn^aL7GR
z^ExQ#)5YCku*c{D_K}63$hSC*z*QEe&5-SJHpzU+KZ{`WXDNpDN110F7>v*AiiXju
zG7V_cU(0Bl#qXBP-x%v)ja(Go>Ec<4Q~V?_8;?Xma(jlK`dK_02IlHUVF|Tf{C4zO
zXxm)|Uw*!r4tRX`?y#&`-ucHPG<BV>l--7eag53--@Ed0tg-=}P9C0D_HS?~XY@2(
z)VWUV*sj;5x$-;T%#?7Bs)lYNQ0zOVx>d;c69jH`zhcT+G*q6#Qf(l(V%Nj*bc+ah
zI5(%CV{yi)Y)rm(tRW8=smXG=m7{<DkI_FYH+7f}3IK@01pqMr^iu~@BTFNOKkiIF
z_qIdzcOiHj*v+r+i8>bvB93spXwRVBEhsIWVj>+C?P5(fag5kVS)!e1`~;=mH(|h;
z?Pd8ayS>fzfx>m$i%^#|ogh+>VljxY_#sn|<TuV%a&^{NPS{j_DY@~(?TD6Q6*3oL
zBInao*({b|kQ_v+pVq;$i?W%fw{0S1<S3+L=_~!|?@ti|^>8;Xe)^Dp9_`n<Gr^o0
zM=HgGuZJSFvRGmRo2lLz^op?|77M}2`L84@AJi<BbfZvWN$S!rhWjJJFxK&<=@Y3x
z_&*S%zMu^o`pS)y?%{8-lUvw)jM1@Z<Bk4;E?FOsO_iB%;LuGc_+}#;_-Sr`r07_u
zls*h*MPIWLudrp2o&zTQpr0O*Qbwf5HqF?2PX`QUr4v!JWBc2W%Y4A-O_wYSy-~@+
z$tAQ^IGs;rcH2!Ro9QI$=RPk3h!y)Si4GchRR{J{U{r0e9&9Y8mWZr|<H*=4Tr6e^
z-fjF69w!}Qxgcs=-x<`rQwm~v;t?8i?q&e$vTd3|aeBvx0&_D*qifienrZ#p$UIUo
z`96PqN^b^ZQ#cQwi#KgC7`_nr;`(bty244OH3!$dR)H_)8wJt9FpDDJ4Aa=|EPzty
zV1sgJq0Xgp{vV1VU7z-+?qU*l<UIMj?k^wvM($=)oH%sR;*XY}Pp5Q71fad1&z}}d
zbW+YrLcJ~~UR!%UJY_7}hfQ-ZEH{2WyI){<xjjn)Tb5bNK_J?|X0m}#`_jOQh0coL
zO|jRY9!eTGfYn51$mlcP?M-+tDYBv=2##3CKfd82fN7@(uALz;2}2~dmudiUYK-xz
zRYY1UBd?olDb^qk$S5a#vAWk7+5o>6WM*MaH_&k>TjFkEw<jhEbp09_+krwJ2r(xS
zfy$i7*QyqBKzyy#zZ>fdjeSYX9$*+sId86kv(#GAJJ2pFzo{8AwB|9I-?{1O{oWyG
z7B4dKBT2UZ8F#8ZHXcq#Vr&$2qy$B@M9Aa}_;6jXLm<qn4giyJ<&QLa)_M;A!Ndtq
zNvw)+SuTEdV&pfuMw{M*?x>+A;=`Ol{j+kj6>8Zii&=}3U-o%Kr^N_$E7_KAn8wFF
z&X$`g4SO2}4M%v{EMY~jp6cEx1;$?NCzthb{*d3C*<AAQI;R)CymB5HN^XFV;(%Zv
z-EP9bbDpU8v+gK`ua%epc-_|Xd0%WIp=ovjo^)zn5{_OPEvy$t8eSj7@fU}Dw$=Jz
zwO;CcLq)L}$N<BwD?OK#sLhBLR+JqY9|2b-iE**U`Y};h1&V4bLywR^%!VSMun<)^
zz5xj*QGsF@YRcl0j;EKGKSyX<qZm^zza4O{(!i-1>|~2}R`PvLgD-$?saT_cFaaKX
z{8~#g7HUF@6@g4cY~vN#<e*b~wt?<g{BdoiypF4C=QD)-bM+cG4r#^m8zG-TC1V{!
z=bfZwELo3v$Bs+x=mRU}(x|s|9BHCvIO2?g2SYr=jwW%6Vd)566k)0l9-A7$y~*s6
zqUAnH6+5_PHX9x4Gs(f4S#P^p)*_^q{K#bM<3}z8U+|2Qazl~dgfJ)W_iqy!gewZ#
z&`!H?A(E-v7Efu~g%iE~5&pC$_TD2dCNxiJ^Ma19xM+7E72BNwHXf7vbxuU~Du!$?
zZxg&&=A!C5D8|-M1|ZIAb#>hbg^w}CpJ~inl1ppel2yTMQ%b83veZ#C?8R<pC6<jy
zm+!<R`7ui+@H;ZFM-z~bE!uhaDovCSot#86RA}rqcT>k4JC+_`Xw)9X);;>jXV>7$
z0x59t3Q9E`&3PJ8Vgoekhb&Dx%jA5oRA`U`*R>1H@yaQ8H?!34AZ)eL(1$Tp94OLJ
z8`r;X$-*js%Az;HA5>cWPB>>Za<*Ugp<?0q+d3<L!?=@snDmGv-uEocD(I(s15^yc
zE;bH4cd~SoUJ|dD?0Jsmw$3iLhhVu4YL%PSB4*VSU314H0$C?HD1$j`Fj|s}0(Bxs
z+%(UsakEQtOp{UT58T>SIykIN)4Hsui%uq&v*46)hnKkN6ZkbWL&-ZTsd;pJwLEe0
zO651Hs^xqRZV?x1AxW=S#9T1TpIZLo=~=dCmwE*hc~szjIS1JrIXIYEnb`k~E!C<r
z5ew`n&98U87#+%{qiMOc*_L%JdxoG6@&XrStYbyzI?rE4SI)rRukhq_#&O_5zV}V#
zO}5s?_hh*|;D`tfM^ZB*x#bNk&(`&GB{y$(zF0ju;!b@<YKc;giitnsi$2|!lA`0~
z>M_X14mEfQBW#maWlne)7Io)RQp{&8sRJ9t<sBxEfOD(dz$CJt6{km@C>jv!hh~pU
zslbYO&!|sW9lYZa7#SrEONVQqWjDr})BY53BcHH&^ieh29A~@R2%kna3##oZUGfN6
z@q&lg+JtO(J57uf>egU@uVu3cl)sAUA>UGmE)@0u9ssXD`C9TelG6iqm+A&{^EhHx
z*vB28Yp?PA@By5R0bG{txfw;BNWVl5LEv66S$jMhsh%=dxQO)Q3bN{!GY>rmHB~Hx
z2Tt3Vcv<}_l-jct3_JHWS}|N1t~gonmx@=JZP`=^%-FhgOu1IZ)WN8JeA_(!*x!~u
zrOJijO)6H28R_{!0wKQa>xfk$EoW>J+V}K%>CW?}4^j|lA4LhrwG~Ace6f&e3qzY+
zm|B<9i)U1aqi?>kv1gYQ<EUC~L-oDjPw5CNs3>hz**p)aK%#d~P0N2|j`Ah|N`}?e
zjQDdYGzP50pTn-4-+L4z`UD<t3dpzB!g)6fZzH#c9!agUiRbyVKjj!6Q%uM9A}UB1
z@MuFgdulL`v#JS!gMVBEGzFqb%<MR0Pko#BVm!G`6+e}qoQEg!XIy3tURUSVyo}Sh
zL?i2~e5>&pG3njJ=27*?iiyz=tx7K{26ebFwVevl5@pCRb|=J$Qn5lpEI;?g&TmMk
zT#D7X&>i0(SVdyX^tyRhjnlT+#_as@C?^mV8;Gr}vzm+iUA<l~29A+Sp5?RS2;7t<
zohDByY?H6k{Zic98?|eV)|xnJzp)f-U48Yn^T3_AA4L3Efmh+aS+H&q1bb4$7gs<{
zi+BnpHCIu%*mdC@y|mmJ4}fYmcPU+x_#xv)YpXV{cMPF&ZK%5h?@NDH&(aVy^A1XD
z-*GQ<pphQWL8&}NgTO+jM0bxLP|;+16_%-tZ~J7`s#8!;vC9|jGIeB_nXrrT6g>?T
z2`AFq*ht2{MJJOQ8U=a)&?E+yle1$?hgdX2)D7-<g~JfeNv{Uy6dpq~4mA}}GYxF@
zx4x}=9l+&_cHl;y;$mm<UN>~CvzCiFLdQTxPsnL&^%Ni0q_l9_mj}*)_Ytiw3#=Ra
zu$H+GHW;TJ>~xvqFpO`J$j(%e$pXn>Umvg{Rn^XsHKZ+R%bCo)T#M|#ATK|H@}7TY
zMYe|AGgF{_LIQN+MEmo!X$+EpmG$&3jDBthi!meNDU2xHCvo>k@h5l)K87LjCDoQB
zrOH>M$Nb(K*x&XAdN=%r7MvN$_(Y@Fzt$)Uscqvu>?9#?ubmB<+C>t^R$;y~2}LvW
zU!Yo0zPvKBcb0>Nv~vE)Lqp>hD@gQ#NPzd!=*R-_<$*3%T)7%CizWtAlm_u@(m_s_
z?os0!n2tvb_OaJ-1J9alkMBHnX**LNw&p18#)^ooW2xWcdgrnv-uiQ=Oqi%imI^_t
z>65!@(?!ED4>8y`W1vL(T7No|nI{;tv<q|@5(}+y|J!UE_x|<4-4*Y3c0ngFHSb15
z1=&EzaPejZebKu`wVgXvQdk+1M9d)F`ec5JJ(&T-00H~b8tpE@o>GV;{livAG4*ct
zl2+R~dv+r6WCVDz0lr=^W_m;5M|<GqS&ncypj$Bii>chbk2_lqdw?Jt_H0MIibEPp
zd?^PWH#L=Uk9=Q(Tud~gN!P(d&fo|f9tJAc85;o?iQVw0(?LUr)%Kv*Mr4uJm6R)K
zYuCY~IGUO0ukM*RSz7u~iGFZ!F;9A}^`1B1(u6-ohQ(}N-34RHjeYs-HX7=6YF~1(
zC3Oc>m9-RZF3LmvkYZ#S^-`^#2V3I#A45Wn)3g*es6`Nz9%KCJ1kOhKO20&f*s(Tg
z2qqM$)rM6bzr_WM5V}eSO_V|xR3Q&<)-+4sB-!2^tAh!iG8I&YBf1zv{%sTE5I(3Y
zs3g8F@rZypRTP3!k44t|Emy9(>EMvCPk3*Ifyk|HOf8Lxj*ig9lyAj6E78d9!pg=L
z6csHI8t5{&h{*%bXBEXYa|ZEz*;|gsTTv-AAN!$okc>a7D0vv3Q^9>Nb+(bQ`idg6
zV$BSRN_9R>`8-{(R2_cKZDiL<>&p1q)zsrrPyEBnn@f6hCCvb|ZB7L_sfU7nIc!g#
zKG)V;B1R+5h(vtY4rsq7)!qGvcR3axgvf$&45_C&+~{d?m3i--)fAiiCYcN`TrEX1
zkI&ZL!(Eu1Tp)wi>7R6Rj=&lk1+C;9D8QnCq$!ZTAa7@FW6z*xWAl?tApQ2gaujIg
zQk4ckS_?|!>s<ku#-3_llD7!KLTj15S(XTDQp1|&M(DYcUly@#TbgC4RJUsK_gQ%!
zRu4t?ufID_p(@q1&FFtu3x;cgExmfs;APJ!=MSbvzs34^suqH7Y+Jn2qO^cPLQ$DW
zL%(KEha_rCXT%PDNX#&MG&kWt2~m-B&FqlI=JI+_CL(?F%FdPaEN--RR=cY(6Pu<i
z;<80-K{vShaWa);W}>K#pZm?^igcc4wT~M)r7D|GD_f03lc5{)B-VA}m2@9!!A|6S
z8==oU{u>|S^bBp=?Lp-XeTQklneNqxPl~-+z<oV=%{T}09pYe~*(_J7`1fL+i^@7B
zL`I?BM&z@UfnPZ+V{)CK@U7~cmwW~aHm!x1NMoC<+ORw%G>FFJB~@w!T&rfX?~!l@
zI?ZkU4BKL`JH!oI>5Zl9D=<FF+mS$VMx+=#WEJ4I8LjFfkYMZdZ&2cIe+^FodKG95
zO(Efmm$Go#8|`pB7u3UgK#oAfqp!oh^hQ*`I&U#92e?QL*F0P7eGAd;ccQ-*urDB}
znmrfJPm}el-+_vz+2Wcxso?8*JbL^3iuJkB&9O@DoFjEKX+tE@llTe#Ke2$005#Yf
z!~zNs3s8S$fq}K%A2H>>Gyrh`bcIIuy$7kXf+v!XBAf09v}iK1dDJrGWN?^}K6N<m
z8VErKa}Zfx5moV6NRnJGyw=)>IFu9RBsctRYU)L>u-*J;f@g}7-_s+%TJUodr;Fu5
z4#>PhuLP6H+glTAcN~;~kWn&ceB0(WoMSO~<=05EpQt#Xlcno)2(uMkJdS~&Wjd|Q
z@;p2(D6%4u{pt-m0#2zvDIc~}KE`MHedHJp@HVPVd2eAEUt7Ui+Amax8L!@LL#s<J
zn%<%x#Xvk6Z2?qO*vhh@9Cwg+C)V$qf9y*Z)qlX3Ookx@cH)owStVE*31}~S8#M4i
zS`8sG(!S$vNm)wOaSc(A*IH&*&M0($MoKASZLhyi>(v9N<xm8s7=BurvvC-vrC&7t
zfYv!@{36lfQ{Ua1U$P>O%hri<-JBZ*CzO*#6aZ}X$XB<)h3=_15kMX$l&;^a<^W&&
zQPzEga6f3^;2Aa4*UVt<;eMs5H<ot)(tYgr@TI1_fq~}<blUmn=B?N`yf6!L=tO$}
z;OF-KheB-c;A&y?M_$yKrfI)WkJ_`sGjY;7ru4Add(PH}zZ1Ga_I+n_9i3~4MN}Bg
zJX+p0=*aUP{0)_l_Luc9nm2vZMqYrk9<QJ+vB#sE9x^1)Guqe8O^Jir1n<Gq1DMhF
z_Vv#<jwjj<q#|F_hN;mic`~`K-)-JFdp!+UBU@jrQ*FCu0?eM-VHqe6vS%C9-e1@Z
zp~tsG<E0lNCos#XWoa81o3&Ry*x94>8+O1|pj5m~&y)E2)g%Tt1~IF5OVRJq7h%9J
z-#;kBm{(OaY5P+}AKrWi%DnGj_B#rZ^c{0xOx-%UY>wvOA*44NsxfoIz<S(#V!Z@Z
zZoA3X?H00Su=lp!qyWwVE+ktG(!4vRb|Ok4wB{!DTxNq1wWvvoS4AIuz~q*x*hq0a
zS7lVY#maPyYt^4BJ&m3}N1H`KBU`Hz!rA7#WyuH0PaX`gzDB=-HF32~f}g%y(|DP<
zlS+I&y>KE%MxnH%|4ekX#(<?G8y=qQT;_nRanePr#dZ?3zPdep+}Guo4=u2LU+TZE
zEvx3l*fQxe;nq>qGQDk;-olJ%t@c)y$3oqPO~J(ED=selQ3!B?V<_Y#mrzd?tJ10y
zP}HJ%h!I+s++xl?LZehDcXwWeaN^3!FbVw{eInlNqG!mG!Z0t?p2^i<UfFusm847z
z<81O?za9(q<;V73M5;u?&C8=9h1Zk#+X3Y#uh0A}Rd0rY5fQ{IrZk0eN_lK|MG*Q=
zM~a8I9BVIDx>XuMWw&f5+!>HnJ1`R-80(S}o72-yECVJBR?YtAySKTx+^&TI?{$i@
zsuIk1A9Hcto)i&r245<Pqr@L8m`N<4<Zo>8twindjYaJ7wT12RRfX*F-wWE~qZ16-
z4jQobFug-f6%Hs<H+^?)&|`73bG#yPYkPBo_E`6D1MpmYf?bJd5NLU@y~(#1IDS4n
z>RHMtIa@R@#9VxvlG|mPK$lCasD7Hc8nIzUt3s<}ICgsZKEi|yPs+QHS+j|h@Ev@T
zYm-+1cFg_B2)x$tD?1$8uA)I@Oa7V--lr}D6>@0WV2lWq#Ix){eA0E6e3s@-966Eq
zTorqn^=Js=%<3qELx`GD6)w1_$T}iqQg92frTaVI*@NCBPQt>oa5aC5j@tS<LP8{<
zii_6Bu#t#f(L658)Pbvmhdp>Z-m2UE0SbzxneiJd5H~wnoK=x6%(T@UcdSn3BF232
z=Z`7YY};b9jh>_T7!^`y*F^^GkF!fEv{!m(V^4`8D*cn-x{t?s{KmM8m7%4~HR{m!
z1r8k3%f=QwCq|bTiwcJmHDpDOO-Upl%!|b|!ih$)!umgI5=J%E@RImix^B>2i_yhg
zfgdI3r6(nXWKUEFu=ZBlV<k*|acW#pWAY3*LO7K&<Vr%UuYhE^E!G}3=b~a>DNESk
zsWAwvow_Iyoo~XG8XZszxM4NBy*KM%QHfuQpzw&cr6qC^l}LS^RI;6Hc}Ggx_h!IL
zmi<#ayb{fKln&>sA=s-`_=V8r%!S0DSn=8jXjpX6HvFZo`Qe<aE(TA_c;6=rtT{o9
z7@gVJgY48=;BNhdm7q~s%;sLS`g?-t*RKeN(kO?9)X|}VlIBTNib9phY>fi96T+3W
z*;z}*jr9S!tD>D;GVD{?zO9<n4EzO;BHwVC8@(!JcQ=HU^Xf@`)W0HL*qt#DhRZqX
z7zx@L?rN$hZbTRte#+jn*+_t;Tf8OzqM&p{c=<>^JBwxY*j;0zjOUJ7#rt|#sbHD6
zXvorKa)GD$w%C<9ey%cf59%9ObeJv#8J;jsf>g4SRmB>r)weYTYlgL0Cf+Y1b^$jL
zvZ99i*w}GsP~zmiJ_=^Kx;fyXEy6ut!dhg1-c<9ypwfZSVo&jsE<K^AZB^(hUktVu
zY$y3B46#4}lTCVvz?(l7i7_tGcMB^HaluQ~0;S;7EeyLWDM>ba63emMz{Z1}Qu=b6
ze+cDGi7i4(dW3RQe6;w$Ngd^N{z`p@HKbApQbJT6Uq;Ho!m_r5DeCCc%(Z_K50|*}
z8oM#E&H(3nl0nL1MUi&;hgu`vljgnd%#QSoE^{r&i>qtXmM|`!MZ7tT!_se0h)!X5
z>h=OMA7)<@1~Hp)!&&EX@(>bQ7(3A18hV{tk&gxQ5@5qF@GcPj&?K)V8G#mWXV*av
zW#zXNyS`h47&zvkY<FFGoSSwD?{i+}2&rjH8@hg%V`(^p!F!S-Mpq1(pjR-0CFmI7
z+D#xZ$b0M(8nTEHnzk6*)@(<5k8qv#g61|7E|r|ubTozj1_Zgx9K183D&Dv*MStI6
zy<e{YpU=7@M7iT~8&s?sZyT|(>aZb>FwA4sxeB={j?gbUY@;k~rv$Y_!J%&xZAUsf
z2X~BWGY8kbQHdFP)2AA_9#bk_0=^j7HUP!}ZmAq7i09ZT-4-T@gX!mvgQ++w?hjL~
zKn!ZB19aeEc5j5jZFq#jQSpoWWBluX5CW6rU)}g-u7_<HfWmO|1t>o3)S{VT=F=gh
zAcU>B|JhFj(XVZAsHQ++$e&%AsbOxIsdF;J{`_mIG~gKo;RLq3fFQvU3dFDe7}}pN
z`Z=D!e-6>U(#B6gk9W9$ak-};a@{~#Qs{rj_AdzNQC|Gjn)Y9#-%ZK5qLQ95x@LJ)
zklVq0=#bNzO1rmO>9+)ie+4FM|4{EZ5p!YK@)&j9SgR=H2oUNd!5YWUc1l&P{jnVl
zGZ{2u{o%>^cJ?w#pk8?eUT-)F{I+jY(nfYG$GU$ZDzleoFJ;e(OwBR<(nyB~?GQ@t
zKDzA8$X+3Mp1^0dnbqLc2>zPK+&tV@k;MdHsUT;&N75XeAH-rpL}}}UAmz@^SUyD0
zo`t&y)tk$A5+OFn6qoO03RGgkvzP*cw<!=*M&4ml15>=mCxY7G55%)Doq&%y0qh;p
zN7l+5U^HxGE>eh$&x#_kwUa1Ylx(u0YK6pLG~d1KoX{I{ps>9PiTgFp1J7e{kNdwV
zih!${OSVe$*?m3iyp=&zSO(!TCT(oL#^Iv<yY)00SNAbD;H@<XC}%ED4$KXJESZe-
z2KD&G-hRwHzL=R*nBpv44_$kS;3Co-Tqn5+%_vZ#GMlfMJY-d!PN)=j$aX54E;)r!
znU6!SAk+$6T8<Kmp#;xgbv6t%q7QVAQvaSsnTDNoSaG~tZnug|lj24ZdF^DKd7+H?
z$M2Km|DMagTXMAvK}I$IXkjbU*pL3h%)e*!rwJ=iAH{^fOn^H6zwQ5Nh3n6kgI+-}
zHGY|O1)vyWAK_5ap-*T3_ySey*deR@1ZC!dHv0LD!rW84z%4!gSXy2nrpVJfde7FQ
z`<wZ=XnRfjcXQejFaEx<Y0Lq3oQNWw!f3~nc(m%H+aJmk2}_KuD`j6Dow=*;wGSpu
ztY_f)4*8Z;D^EF%%}yj$)_>gJ=B0-{a2M8B2Ns(+7kXKZOM(&Z@2IMzg%PUzD`w~v
zT6ySA)oyh^O(imf>`%;P{cwJs+X>k>Sxr4l>U;gZwR$OO-{|R)u_y9_0D?|NuhWoh
z`i@b*!IMQxxDdyTYAAuVGqUFL+`CulukF++J|bf8Djm@8nCm8)Z>Ko@U{l(c%J%ZD
zxN8M{p4rWi9DvzYjECp*k)2#yJE)2QMmSnI^AQbuaxeB>i``7D;YZ9iBo5w5pRe|W
zA#p^Ed}_hmo<1;_sgWB@nQ~q6)YraBzgle|#(7IS6-YtB1kU4(bZyTxRQu)rQyYsy
z`rdy3rzURFEyquHFDhAg3|==npd<djk^nGpI*{)5pDSX2rfI)k|DirsUgqxx{$9WL
zD>w#}5dTum_dD?Kg-yQ#t3V0M|F6vHcT2w)yZmKq4^;O1kJ6Xl;lI})`~{B!<wt+O
zf3HaR-Nf&onf@|y2CBaKS8DZ(y!bo(cU}4~_zS2g;t%-WRO;XHze}2b;UTgAjsH#H
z{N2LerM$oJpt?*P0N{6F?|1ayC6Hgy%J{#a{}e=ihyR|6{$&83=+D*r-^5g2<`u|2
Se%6Y@1KL0mE(*=hr~d&1MAQTT

literal 0
HcmV?d00001