Code to mitigate IIS semicolon zero-day
Code to mitigate IIS semicolon zero-day
--001636c928016bbed5047bce15ba
Content-Type: text/plain; charset=ISO-8859-1
This mitigation should help block attempts to exploit the IIS
semicolon zero-day (BID 37460), but no warranties and no guarantees.
It didn't crash my web servers during testing, but I make no
representations as to how it will or won't perform on anyone else's
web servers. This mitigation is only intended for IIS 4.0, 5.x, and
6.0; IIS 7.0 does not appear to be vulnerable (although in my testing,
IIS 4.0, 5.0, and 5.1 didn't appear to be vulnerable, either), and 7.5
is also reportedly not vulnerable.
If an attack is blocked, it should show up in the IIS logs with HTTP
status 403 and the made-up substatus 59; for example, on IIS 6.0:
2009-12-27 12:34:56 W3SVC1 169.254.123.200 GET /evil.asp;x.jpg - 80
- 169.254.123.100 Mozilla/4.0+(compatible;+MSIE+...) 403 59 0
When passed a malformed file name by IIS due to the vulnerability,
most (non-.NET) ISAPI extensions will process the file, including:
asp.dll / asp51.dll: .asa, .asp, .cdx, .cer, .htr
httpodbc.dll: .idc
ssinc.dll: .shtm, .shtml, .stm
So to get the most protection, you'll need to remap the file
extensions for each different ISAPI extension to a different copy of
the mitigation DLL -- it uses the file name with which it loads to
figure out which ISAPI extension it's wrapping. You'll also need to
set up the registry to tell it where to find the ISAPI extension it's
replacing. For example:
[HKEY_LOCAL_MACHINE\SOFTWARE\iissemi1]
"iissemi1_asp.dll" = "C:\WINDOWS\system32\inetsrv\asp.dll"
"iissemi1_ssinc.dll" = "C:\WINDOWS\system32\inetsrv\ssinc.dll"
Try out a malformed file name after deploying to make sure you have
everything set up properly.
Sorry I can't host an installer right now to automate all of this.
Hopefully most people won't need to use this mitigation, but if the
other options for reducing exposure aren't viable in your situation, I
hope this one will be.
-- Derek
P.S. The vulnerability can also be exploited if a subdirectory
containing ".xxx;" can be created; for instance, accessing
"/~y.asp;y/z.jpg" would cause "z.jpg" to be executed by the ASP ISAPI
extension as though it were an ASP script.
--001636c928016bbed5047bce15ba
Content-Type: text/plain; charset=US-ASCII; name="iissemi1_cpp.txt"
Content-Disposition: attachment; filename="iissemi1_cpp.txt"
Content-Transfer-Encoding: base64
X-Attachment-Id: file0
LyoNCg0KVGhpcyBtaXRpZ2F0aW9uIHNob3VsZCBoZWxwIGJsb2NrIGF0dGVtcHRzIHRvIGV4cGxv
aXQgdGhlIElJUw0Kc2VtaWNvbG9uIHplcm8tZGF5IChCSUQgMzc0NjApLCBidXQgbm8gd2FycmFu
dGllcyBhbmQgbm8gZ3VhcmFudGVlcy4NCkl0IGRpZG4ndCBjcmFzaCBteSB3ZWIgc2VydmVycyBk
dXJpbmcgdGVzdGluZywgYnV0IEkgbWFrZSBubw0KcmVwcmVzZW50YXRpb25zIGFzIHRvIGhvdyBp
dCB3aWxsIG9yIHdvbid0IHBlcmZvcm0gb24gYW55b25lIGVsc2Uncw0Kd2ViIHNlcnZlcnMuICBU
aGlzIG1pdGlnYXRpb24gaXMgb25seSBpbnRlbmRlZCBmb3IgSUlTIDQuMCwgNS54LCBhbmQNCjYu
MDsgSUlTIDcuMCBkb2VzIG5vdCBhcHBlYXIgdG8gYmUgdnVsbmVyYWJsZSAoYWx0aG91Z2ggaW4g
bXkNCnRlc3RpbmcsIElJUyA0LjAsIDUuMCwgYW5kIDUuMSBkaWRuJ3QgYXBwZWFyIHRvIGJlIHZ1
bG5lcmFibGUsDQplaXRoZXIpLCBhbmQgNy41IGlzIGFsc28gcmVwb3J0ZWRseSBub3QgdnVsbmVy
YWJsZS4NCg0KSWYgYW4gYXR0YWNrIGlzIGJsb2NrZWQsIGl0IHNob3VsZCBzaG93IHVwIGluIHRo
ZSBJSVMgbG9ncyB3aXRoIEhUVFANCnN0YXR1cyA0MDMgYW5kIHRoZSBtYWRlLXVwIHN1YnN0YXR1
cyA1OTsgZm9yIGV4YW1wbGUsIG9uIElJUyA2LjA6DQoNCiAgMjAwOS0xMi0yNyAxMjozNDo1NiBX
M1NWQzEgMTY5LjI1NC4xMjMuMjAwIEdFVCAvZXZpbC5hc3A7eC5qcGcNCiAgLSA4MCAtIDE2OS4y
NTQuMTIzLjEwMCBNb3ppbGxhLzQuMCsoY29tcGF0aWJsZTsrTVNJRSsuLi4pIDQwMyA1OSAwDQoN
CldoZW4gcGFzc2VkIGEgbWFsZm9ybWVkIGZpbGUgbmFtZSBieSBJSVMgZHVlIHRvIHRoZSB2dWxu
ZXJhYmlsaXR5LA0KbW9zdCAobm9uLS5ORVQpIElTQVBJIGV4dGVuc2lvbnMgd2lsbCBwcm9jZXNz
IHRoZSBmaWxlLCBpbmNsdWRpbmc6DQoNCiAgYXNwLmRsbCAvIGFzcDUxLmRsbDogIC5hc2EsIC5h
c3AsIC5jZHgsIC5jZXIsIC5odHINCiAgaHR0cG9kYmMuZGxsOiAgICAgICAgIC5pZGMNCiAgc3Np
bmMuZGxsOiAgICAgICAgICAgIC5zaHRtLCAuc2h0bWwsIC5zdG0NCg0KU28gdG8gZ2V0IHRoZSBt
b3N0IHByb3RlY3Rpb24sIHlvdSdsbCBuZWVkIHRvIHJlbWFwIHRoZSBmaWxlDQpleHRlbnNpb25z
IGZvciBlYWNoIGRpZmZlcmVudCBJU0FQSSBleHRlbnNpb24gdG8gYSBkaWZmZXJlbnQgY29weSBv
Zg0KdGhlIG1pdGlnYXRpb24gRExMIC0tIGl0IHVzZXMgdGhlIGZpbGUgbmFtZSB3aXRoIHdoaWNo
IGl0IGxvYWRzIHRvDQpmaWd1cmUgb3V0IHdoaWNoIElTQVBJIGV4dGVuc2lvbiBpdCdzIHdyYXBw
aW5nLiAgWW91J2xsIGFsc28gbmVlZCB0bw0Kc2V0IHVwIHRoZSByZWdpc3RyeSB0byB0ZWxsIGl0
IHdoZXJlIHRvIGZpbmQgdGhlIElTQVBJIGV4dGVuc2lvbiBpdCdzDQpyZXBsYWNpbmcuICBGb3Ig
ZXhhbXBsZToNCg0KICBbSEtFWV9MT0NBTF9NQUNISU5FXFNPRlRXQVJFXGlpc3NlbWkxXQ0KICAi
aWlzc2VtaTFfYXNwLmRsbCIgPSAiQzpcV0lORE9XU1xzeXN0ZW0zMlxpbmV0c3J2XGFzcC5kbGwi
DQogICJpaXNzZW1pMV9zc2luYy5kbGwiID0gIkM6XFdJTkRPV1Ncc3lzdGVtMzJcaW5ldHNydlxz
c2luYy5kbGwiDQoNClRyeSBvdXQgYSBtYWxmb3JtZWQgZmlsZSBuYW1lIGFmdGVyIGRlcGxveWlu
ZyB0byBtYWtlIHN1cmUgeW91IGhhdmUNCmV2ZXJ5dGhpbmcgc2V0IHVwIHByb3Blcmx5Lg0KDQpT
b3JyeSBJIGNhbid0IGhvc3QgYW4gaW5zdGFsbGVyIHJpZ2h0IG5vdyB0byBhdXRvbWF0ZSBhbGwg
b2YgdGhpcy4NCkhvcGVmdWxseSBtb3N0IHBlb3BsZSB3b24ndCBuZWVkIHRvIHVzZSB0aGlzIG1p
dGlnYXRpb24sIGJ1dCBpZiB0aGUNCm90aGVyIG9wdGlvbnMgZm9yIHJlZHVjaW5nIGV4cG9zdXJl
IGFyZW4ndCB2aWFibGUgaW4geW91ciBzaXR1YXRpb24sDQpJIGhvcGUgdGhpcyBvbmUgd2lsbCBi
ZS4NCg0KLS0gRGVyZWsNCg0KDQpQLlMuICBUaGUgdnVsbmVyYWJpbGl0eSBjYW4gYWxzbyBiZSBl
eHBsb2l0ZWQgaWYgYSBzdWJkaXJlY3RvcnkNCiAgICAgIGNvbnRhaW5pbmcgIi54eHg7IiBjYW4g
YmUgY3JlYXRlZDsgZm9yIGluc3RhbmNlLCBhY2Nlc3NpbmcNCiAgICAgICIvfnkuYXNwO3kvei5q
cGciIHdvdWxkIGNhdXNlICJ6LmpwZyIgdG8gYmUgZXhlY3V0ZWQgYnkgdGhlDQogICAgICBBU1Ag
SVNBUEkgZXh0ZW5zaW9uIGFzIHRob3VnaCBpdCB3ZXJlIGFuIEFTUCBzY3JpcHQuDQoNCiovDQoN
Ci8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8NCi8vIGlpc3NlbWkxLmNwcA0KLy89PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KLy8gTWl0aWdhdGlvbiB0byBwcmV2
ZW50IHByb2Nlc3Npbmcgb2YgZmlsZSBuYW1lcyB0aGF0IGNvbnRhaW4gYQ0KLy8gc2VtaWNvbG9u
IG9yIGFiZXJyYW50IGNvbG9uLCB0byBndWFyZCBhZ2FpbnN0IHRoZSBJSVMNCi8vIHNlbWljb2xv
biB6ZXJvLWRheS4NCi8vDQovLyBBbGwgZmlsZSBleHRlbnNpb25zIHRoYXQgd291bGQgbm9ybWFs
bHkgZXhlY3V0ZSBhbiBJU0FQSQ0KLy8gZXh0ZW5zaW9uIG11c3QgYmUgbWFudWFsbHkgcmVtYXBw
ZWQgdG8gYSBjb3B5IG9mIHRoZQ0KLy8gbWl0aWdhdGlvbiBETEwuICBUaGUgbWl0aWdhdGlvbiB3
b3JrcyBieSBwYXNzaW5nIHJlcXVlc3RzIHRvDQovLyB0aGUgb3JpZ2luYWwgSVNBUEkgZXh0ZW5z
aW9uIHVubGVzcyB0aGV5IGNvbnRhaW4gYSBzZW1pY29sb24NCi8vIG9yIGltcHJvcGVyIGNvbG9u
LiAgSXQgaXMgaGFyZC1jb2RlZCB0byB0cmFjayBkb3duIGFzcC5kbGwNCi8vIGFuZCBhIGZldyBv
dGhlciBETExzLCBpZiB0aGUgbWl0aWdhdGlvbiBETEwgaXRzZWxmIGxvYWRzIHdpdGgNCi8vIGEg
ZmlsZSBuYW1lIHRoYXQgaW5kaWNhdGVzIHdoaWNoIElTQVBJIGV4dGVuc2lvbiBpdCdzDQovLyBy
ZXBsYWNpbmc7IHRvIG92ZXJyaWRlIHRoaXMgZGVmYXVsdCBiZWhhdmlvciwgb3IgdG8gc3VwcG9y
dA0KLy8gYW4gdW5yZWNvZ25pemVkIElTQVBJIGV4dGVuc2lvbiwgYWRkIGEgcmVnaXN0cnkgdmFs
dWUNCi8vIG1hdGNoaW5nIHRoZSBtaXRpZ2F0aW9uIERMTCdzIGZpbGUgbmFtZSBpbiB0aGUNCi8v
ICJIS0VZX0xPQ0FMX01BQ0hJTkVcU09GVFdBUkVcaWlzc2VtaTEiIHJlZ2lzdHJ5IGtleS4NCi8v
DQovLyBUbyBidWlsZDoNCi8vDQovLyAgMS4gU3RhcnQgVmlzdWFsIFN0dWRpbyAyMDA4ICgyMDA1
IHNob3VsZCBhbHNvIHdvcmspDQovLyAgMi4gRmlsZSAtPiBOZXcgLT4gUHJvamVjdA0KLy8gIDMu
IENob29zZSBWaXN1YWwgQysrOiBXaW4zMjogV2luMzIgUHJvamVjdA0KLy8gIDQuIEVudGVyICJp
aXNzZW1pMSIgZm9yIHRoZSBuYW1lDQovLyAgNS4gSW4gdGhlIFdpbjMyIEFwcGxpY2F0aW9uIFdp
emFyZCwgY2hvb3NlIGFuDQovLyAgICAgIkFwcGxpY2F0aW9uIHR5cGUiIG9mICJETEwiLCBhbmQg
dW5kZXIgIkFkZGl0aW9uYWwNCi8vICAgICBvcHRpb25zIiwgY2hlY2sgIkVtcHR5IHByb2plY3Qi
DQovLyAgNi4gSW4gdGhlIFNvbHV0aW9uIEV4cGxvcmVyLCByaWdodC1jbGljayBvbiAiU291cmNl
IEZpbGVzIiwNCi8vICAgICBBZGQgLT4gTmV3IEl0ZW0NCi8vICA3LiBDaG9vc2UgIkMrKyBGaWxl
ICguY3BwKSIgYW5kIGVudGVyICJpaXNzZW1pMS5jcHAiIGZvcg0KLy8gICAgIHRoZSBuYW1lDQov
LyAgOC4gUGFzdGUgYWxsIG9mIHRoaXMgc291cmNlIGNvZGUgaW50byB0aGUgbmV3IC5jcHAgZmls
ZQ0KLy8gIDkuIEluIHRoZSBTb2x1dGlvbiBFeHBsb3JlciwgcmlnaHQtY2xpY2sgYWdhaW4gb24g
IlNvdXJjZQ0KLy8gICAgIEZpbGVzIiwgQWRkIC0+IE5ldyBJdGVtDQovLyAxMC4gQ2hvb3NlICJN
b2R1bGUtRGVmaW5pdGlvbiBGaWxlICguZGVmKSIgYW5kIGVudGVyDQovLyAgICAgImlpc3NlbWkx
LmRlZiIgZm9yIHRoZSBuYW1lDQovLyAxMS4gUGFzdGUgZXZlcnl0aGluZyBpbiB0aGUgYmxvY2sg
Y29tbWVudCBiZWxvdyAoYmV0d2VlbiB0aGUNCi8vICAgICByb3dzIG9mICoqKioncykgaW50byB0
aGUgbmV3IC5kZWYgZmlsZQ0KLy8gMTIuIEJ1aWxkIC0+IENvbmZpZ3VyYXRpb24gTWFuYWdlcjsg
Zm9yICJBY3RpdmUgc29sdXRpb24NCi8vICAgICBjb25maWd1cmF0aW9uIiwgY2hvb3NlICJSZWxl
YXNlIg0KLy8gMTMuIEZvciBtYXhpbXVtIHBvcnRhYmlsaXR5LCBQcm9qZWN0IC0+IFByb3BlcnRp
ZXMsDQovLyAgICAgQ29uZmlndXJhdGlvbiBQcm9wZXJ0aWVzOiBDL0MrKzogQ29kZSBHZW5lcmF0
aW9uOiBzZXQNCi8vICAgICAiUnVudGltZSBMaWJyYXJ5IiB0byAiTXVsdGktdGhyZWFkZWQgKC9N
VCkiOyB0aGlzIHdpbGwNCi8vICAgICBrZWVwIGlpc3NlbWkxLmRsbCBmcm9tIHJlcXVpcmluZyBN
U1ZDUiouRExMDQovLyAxNC4gKFdoaWxlIHlvdSdyZSBpbiB0aGVyZSwgUHJvamVjdCAtPiBQcm9w
ZXJ0aWVzLA0KLy8gICAgICBDb25maWd1cmF0aW9uIFByb3BlcnRpZXM6IExpbmtlcjogSW5wdXQs
IGFuZCBtYWtlIHN1cmUNCi8vICAgICAgdGhhdCAiTW9kdWxlIERlZmluaXRpb24gRmlsZSIgY29u
dGFpbnMgImlpc3NlbWkxLmRlZiIpDQovLyAxNS4gQnVpbGQgLT4gQnVpbGQgU29sdXRpb24NCi8v
DQovLyBUbyB1c2U6DQovLw0KLy8gMTYuIE9wZW4gSW50ZXJuZXQgSW5mb3JtYXRpb24gU2Vydmlj
ZXMgTWFuYWdlciBNTUMgc25hcC1pbg0KLy8gICAgIChydW4gImluZXRtZ3IiKQ0KLy8gMTcuIFJp
Z2h0LWNsaWNrIG9uICJXZWIgU2l0ZXMiIG9yIG1hY2hpbmUgbm9kZSwgUHJvcGVydGllcw0KLy8g
ICAgIChNYXN0ZXIgUHJvcGVydGllczogRWRpdCwgYXMgYXBwbGljYWJsZSkNCi8vIDE4LiBIb21l
IERpcmVjdG9yeSB0YWIsIENvbmZpZ3VyYXRpb24NCi8vIDE5LiBDb3B5IGlpc3NlbWkxLmRsbCB0
byBhIGRpZmZlcmVudCBmaWxlIG5hbWUgZm9yIGVhY2gNCi8vICAgICBkaXN0aW5jdCBJU0FQSSBl
eHRlbnNpb24geW91IG5lZWQgdG8gcmVwbGFjZTsgZS5nLiwNCi8vICAgICAiaWlzc2VtaTFfYXNw
LmRsbCIgaWYgeW91IG5lZWQgdG8gcmVwbGFjZSAiYXNwLmRsbCIsDQovLyAgICAgImlpc3NlbWkx
X2h0dHBvZGJjLmRsbCIgZm9yICJodHRwb2RiYy5kbGwiLCBldGMuDQovLyAyMC4gUmVtYXAgdGhl
IGZpbGUgZXh0ZW5zaW9ucyBmb3IgZXZlcnkgSVNBUEkgZXh0ZW5zaW9uIHdoaWNoDQovLyAgICAg
eW91IHdvdWxkbid0IHdhbnQgdXNlcnMgdG8gYmUgYWJsZSB0byBzdXBwbHkgd2l0aA0KLy8gICAg
IGFyYml0cmFyeSBmaWxlcywgdG8gaW5zdGVhZCB1c2UgYSBjb3B5IG9mIGlpc3NlbWkxLmRsbC4N
Ci8vICAgICBNYWtlIHN1cmUgdG8ga2VlcCBhIHJlY29yZCBvZiBlYWNoIG1hcHBpbmcgY2hhbmdl
ZCwgc28NCi8vICAgICB0aGF0IHlvdSBjYW4gZWFzaWx5IHJldmVyc2UgdGhlIGNoYW5nZXMgbGF0
ZXIuDQovLyAgICAgKE5vdGUgdGhhdCB5b3UgbWlnaHQgZ2V0ICJyZXF1ZXN0ZWQgcmVzb3VyY2Ug
aXMgaW4gdXNlIg0KLy8gICAgICBlcnJvcnMgaWYgeW91IGRvbid0IHJlbWFwIGV2ZXJ5IGZpbGUg
ZXh0ZW5zaW9uIGJlbG9uZ2luZw0KLy8gICAgICB0byBhbiBJU0FQSSBleHRlbnNpb24gLS0gZS5n
LiwgaWYgeW91IHJlbWFwICIuYXNwIiBidXQNCi8vICAgICAgbm90ICIuYXNhIiwgeW91IG1pZ2h0
IGdldCBIVFRQIDUwMCBlcnJvcnMgd2hlbiB5b3UNCi8vICAgICAgYWNjZXNzIGFuIEFTQSBmaWxl
LikNCi8vIDIxLiBJSVMgNi4wOiBJbiB0aGUgSUlTIE1hbmFnZXIsIGdvIHRvIHRoZSAiV2ViIFNl
cnZpY2UNCi8vICAgICBFeHRlbnNpb25zIiBmb2xkZXIsIEFjdGlvbiAtPiBBZGQgYSBuZXcgd2Vi
IHNlcnZpY2UNCi8vICAgICBleHRlbnNpb24sIGVudGVyICJpaXNzZW1pMSIgZm9yIHRoZSBleHRl
bnNpb24gbmFtZSwgYWRkDQovLyAgICAgZWFjaCBmaWxlIGNyZWF0ZWQgaW4gU3RlcCAxOSB0byB0
aGUgIlJlcXVpcmVkIGZpbGVzIg0KLy8gICAgIGxpc3QsIGNoZWNrICJTZXQgZXh0ZW5zaW9uIHN0
YXR1cyB0byBBbGxvd2VkIiwgT0sNCi8vIDIyLiBJbiBSZWdlZGl0LCBjcmVhdGUgdGhlIHJlZ2lz
dHJ5IGtleQ0KLy8gICAgICJIS0VZX0xPQ0FMX01BQ0hJTkVcU09GVFdBUkVcaWlzc2VtaTEiDQov
LyAyMy4gSW4gdGhpcyBuZXcga2V5LCBjcmVhdGUgc3RyaW5nIChSRUdfU1ogb3IgUkVHX0VYUEFO
RF9TWikNCi8vICAgICByZWdpc3RyeSB2YWx1ZXMgbmFtZWQgYWZ0ZXIgdGhlIGNvcGllcyBvZiBp
aXNzZW1pMS5kbGwNCi8vICAgICBjcmVhdGVkIGluIFN0ZXAgMTkuICBUaGUgZGF0YSBvZiBlYWNo
IHJlZ2lzdHJ5IHZhbHVlDQovLyAgICAgc2hvdWxkIGJlIHRoZSBmdWxsIHBhdGggYW5kIGZpbGUg
bmFtZSBvZiB0aGUgSVNBUEkNCi8vICAgICBleHRlbnNpb24gdGhhdCB3YXMgcmVwbGFjZWQ7IGUu
Zy4sIHNldCB0aGUgdmFsdWUgbmFtZWQNCi8vICAgICAiaWlzc2VtaTFfYXNwLmRsbCIgdG8NCi8v
ICAgICAiQzpcV0lORE9XU1xzeXN0ZW0zMlxpbmV0c3J2XGFzcC5kbGwiLCBzZXQgdGhlIHZhbHVl
IG5hbWVkDQovLyAgICAgImlpc3NlbWkxX2h0dHBvZGJjLmRsbCIgdG8NCi8vICAgICAiQzpcV0lO
RE9XU1xzeXN0ZW0zMlxpbmV0c3J2XGh0dHBvZGJjLmRsbCIsIGV0Yy4NCi8vIDI0LiBSZXN0YXJ0
IFczU1ZDIChydW4gImlpc3Jlc2V0IikNCi8vDQovLyBUbyB1bmluc3RhbGwsIHJlbWFwIHRoZSBm
aWxlIGV4dGVuc2lvbiBtYXBwaW5ncyBjaGFuZ2VkIGluDQovLyBTdGVwIDIwIGJhY2sgdG8gdGhl
aXIgb3JpZ2luYWwgZXhlY3V0YWJsZSBwYXRocy4NCi8vDQovLyBOTyBXQVJSQU5USUVTLiAgVXNl
IGF0IHlvdXIgb3duIHJpc2suICBSZWRpc3RyaWJ1dGlvbiBvZiB0aGlzDQovLyBzb3VyY2UgY29k
ZSBpbiBpdHMgb3JpZ2luYWwsIHVubW9kaWZpZWQgZm9ybSBpcyBwZXJtaXR0ZWQuDQovLw0KLy8g
Q29weXJpZ2h0IChDKSBEZXJlayBTb2VkZXIgLSAxMi8yNy8yMDA5DQovLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQoNCi8qKioq
ICBQYXN0ZSB0aGUgZm9sbG93aW5nIGludG8gYSBuZXcgLmRlZiBmaWxlOiAgKioqKioqKioqKioq
Kg0KDQpMSUJSQVJZICJpaXNzZW1pMS5kbGwiDQoNCkVYUE9SVFMNCiAgICAgICAgQXNwU3RhdHVz
SHRtbER1bXANCiAgICAgICAgRGxsQ2FuVW5sb2FkTm93IFBSSVZBVEUNCiAgICAgICAgRGxsR2V0
Q2xhc3NPYmplY3QgUFJJVkFURQ0KICAgICAgICBEbGxSZWdpc3RlclNlcnZlciBQUklWQVRFDQog
ICAgICAgIERsbFVucmVnaXN0ZXJTZXJ2ZXIgUFJJVkFURQ0KICAgICAgICBHZXRFeHRlbnNpb25W
ZXJzaW9uDQogICAgICAgIEh0dHBFeHRlbnNpb25Qcm9jDQogICAgICAgIFRlcm1pbmF0ZUV4dGVu
c2lvbg0KDQoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq
KioqKioqKioqKioqKiovDQoNCiNkZWZpbmUgV0lOMzJfTEVBTl9BTkRfTUVBTg0KI2RlZmluZSBf
Q1JUX1NFQ1VSRV9OT19XQVJOSU5HUw0KDQojaW5jbHVkZSA8d2luZG93cy5oPg0KI2luY2x1ZGUg
PG9iamJhc2UuaD4NCiNpbmNsdWRlIDxodHRwZXh0Lmg+DQojaW5jbHVkZSA8c3RkaW8uaD4NCg0K
Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLw0KLy8gT3JpZ2luYWwgSVNBUEkgd3JhcHBlcg0KLy8vLy8vLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KDQpXQ0hBUiAgICAg
ICAgICAgICAgICAgICBnX3dzek15c2VsZlsxMDI0XTsNCg0KQ1JJVElDQUxfU0VDVElPTiAgICAg
ICAgZ19jc1dyYXBwZXJzOw0KSE1PRFVMRSAgICAgICAgICAgICAgICAgZ19obUlTQVBJOw0KV0NI
QVIgICAgICAgICAgICAgICAgICAgZ193c3pJU0FQSVsxMDI0XTsNCg0KdHlwZWRlZiBCT09MIChX
SU5BUEkgKiBQRk5BU1BTVEFUVVNIVE1MRFVNUCkoIFBWT0lELCBQVk9JRCApOw0KdHlwZWRlZiBI
UkVTVUxUIChTVERBUElDQUxMVFlQRSAqIFBGTkRMTFJFR0lTVEVSU0VSVkVSKSgpOw0KdHlwZWRl
ZiBIUkVTVUxUIChTVERBUElDQUxMVFlQRSAqIFBGTkRMTFVOUkVHSVNURVJTRVJWRVIpKCk7DQoN
ClBGTkFTUFNUQVRVU0hUTUxEVU1QICAgIGdfcGZuQXNwU3RhdHVzSHRtbER1bXA7DQpMUEZOQ0FO
VU5MT0FETk9XICAgICAgICBnX3BmbkRsbENhblVubG9hZE5vdzsNCkxQRk5HRVRDTEFTU09CSkVD
VCAgICAgIGdfcGZuRGxsR2V0Q2xhc3NPYmplY3Q7DQpQRk5ETExSRUdJU1RFUlNFUlZFUiAgICBn
X3BmbkRsbFJlZ2lzdGVyU2VydmVyOw0KUEZORExMVU5SRUdJU1RFUlNFUlZFUiAgZ19wZm5EbGxV
bnJlZ2lzdGVyU2VydmVyOw0KUEZOX0dFVEVYVEVOU0lPTlZFUlNJT04gZ19wZm5HZXRFeHRlbnNp
b25WZXJzaW9uOw0KUEZOX0hUVFBFWFRFTlNJT05QUk9DICAgZ19wZm5IdHRwRXh0ZW5zaW9uUHJv
YzsNClBGTl9URVJNSU5BVEVFWFRFTlNJT04gIGdfcGZuVGVybWluYXRlRXh0ZW5zaW9uOw0KDQpj
b25zdCBzdHJ1Y3QgeyB2b2lkICogcHBmbjsgY29uc3QgY2hhciAqIHN6OyB9IExPT0tVUFtdID0N
CnsNCiAgICAgICAgeyAmZ19wZm5Bc3BTdGF0dXNIdG1sRHVtcCwgICAiQXNwU3RhdHVzSHRtbER1
bXAiIH0sDQogICAgICAgIHsgJmdfcGZuRGxsQ2FuVW5sb2FkTm93LCAgICAgIkRsbENhblVubG9h
ZE5vdyIgfSwNCiAgICAgICAgeyAmZ19wZm5EbGxHZXRDbGFzc09iamVjdCwgICAiRGxsR2V0Q2xh
c3NPYmplY3QiIH0sDQogICAgICAgIHsgJmdfcGZuRGxsUmVnaXN0ZXJTZXJ2ZXIsICAgIkRsbFJl
Z2lzdGVyU2VydmVyIiB9LA0KICAgICAgICB7ICZnX3BmbkRsbFVucmVnaXN0ZXJTZXJ2ZXIsICJE
bGxVbnJlZ2lzdGVyU2VydmVyIiB9LA0KICAgICAgICB7ICZnX3BmbkdldEV4dGVuc2lvblZlcnNp
b24sICJHZXRFeHRlbnNpb25WZXJzaW9uIiB9LA0KICAgICAgICB7ICZnX3Bmbkh0dHBFeHRlbnNp
b25Qcm9jLCAgICJIdHRwRXh0ZW5zaW9uUHJvYyIgfSwNCiAgICAgICAgeyAmZ19wZm5UZXJtaW5h
dGVFeHRlbnNpb24sICAiVGVybWluYXRlRXh0ZW5zaW9uIiB9DQp9IDsNCg0KQk9PTCByZWFkX3Jl
Z19wYXRoKA0KICAgICAgICBMUENXU1RSICAgICAgICAgICAgICAgICB3c3pLZXlOYW1lLA0KICAg
ICAgICBMUENXU1RSICAgICAgICAgICAgICAgICB3c3pWYWx1ZU5hbWUgKQ0Kew0KICAgICAgICBI
S0VZICAgICAgICAgICAgICAgICAgICBoa2V5Ow0KICAgICAgICBEV09SRCAgICAgICAgICAgICAg
ICAgICBkd3R5cGUsIGNiLCBjd2NoOw0KICAgICAgICBXQ0hBUiAgICAgICAgICAgICAgICAgICB3
c3pbIHNpemVvZihnX3dzeklTQVBJKSAvDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgc2l6ZW9mKGdfd3N6SVNBUElbMF0pIF07DQoNCiAgICAgICAgaWYgKCBSZWdPcGVuS2V5
RXhXKCBIS0VZX0xPQ0FMX01BQ0hJTkUsIHdzektleU5hbWUsIDAsDQogICAgICAgICAgICAgICAg
S0VZX1JFQUQsICZoa2V5ICkgIT0gRVJST1JfU1VDQ0VTUyApDQogICAgICAgIHsNCiAgICAgICAg
ICAgICAgICByZXR1cm4gRkFMU0U7DQogICAgICAgIH0NCg0KICAgICAgICBjYiA9IChzaXplb2Yo
Z193c3pJU0FQSSkgLSBzaXplb2YoZ193c3pJU0FQSVswXSkpOw0KDQogICAgICAgIGlmIChSZWdR
dWVyeVZhbHVlRXhXKCBoa2V5LCB3c3pWYWx1ZU5hbWUsIE5VTEwsICZkd3R5cGUsDQogICAgICAg
ICAgICAgICAgKExQQllURSlnX3dzeklTQVBJLCAmY2IgKSAhPSBFUlJPUl9TVUNDRVNTIHx8DQog
ICAgICAgICAgICAgICAgY2IgPCBzaXplb2YoZ193c3pJU0FQSVswXSkgfHwNCiAgICAgICAgICAg
ICAgICBjYiA+IChzaXplb2YoZ193c3pJU0FQSSkgLSBzaXplb2YoZ193c3pJU0FQSVswXSkpICkN
CiAgICAgICAgew0KICAgICAgICAgICAgICAgIFJlZ0Nsb3NlS2V5KCBoa2V5ICk7DQogICAgICAg
ICAgICAgICAgcmV0dXJuIEZBTFNFOw0KICAgICAgICB9DQoNCiAgICAgICAgUmVnQ2xvc2VLZXko
IGhrZXkgKTsNCg0KICAgICAgICBnX3dzeklTQVBJW2NiIC8gc2l6ZW9mKGdfd3N6SVNBUElbMF0p
XSA9IEwnXDAnOw0KDQogICAgICAgIGlmIChkd3R5cGUgPT0gUkVHX0VYUEFORF9TWikNCiAgICAg
ICAgew0KICAgICAgICAgICAgICAgIGN3Y2ggPSBFeHBhbmRFbnZpcm9ubWVudFN0cmluZ3NXKCBn
X3dzeklTQVBJLA0KICAgICAgICAgICAgICAgICAgICAgICAgd3N6LCAoKHNpemVvZih3c3opIC8g
c2l6ZW9mKHdzelswXSkpIC0gMSkgKTsNCg0KICAgICAgICAgICAgICAgIGlmICggY3djaCA9PSAw
IHx8DQogICAgICAgICAgICAgICAgICAgICBjd2NoID49IChzaXplb2Yod3N6KSAvIHNpemVvZih3
c3pbMF0pKSAtIDEpDQogICAgICAgICAgICAgICAgew0KICAgICAgICAgICAgICAgICAgICAgICAg
cmV0dXJuIEZBTFNFOw0KICAgICAgICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgIHdzeltj
d2NoXSA9IEwnXDAnOw0KDQogICAgICAgICAgICAgICAgbWVtY3B5KCBnX3dzeklTQVBJLA0KICAg
ICAgICAgICAgICAgICAgICAgICAgd3N6LCAoKGN3Y2ggKyAxKSAqIHNpemVvZihnX3dzeklTQVBJ
WzBdKSkgKTsNCiAgICAgICAgfQ0KICAgICAgICBlbHNlIGlmIChkd3R5cGUgIT0gUkVHX1NaKQ0K
ICAgICAgICAgICAgICAgIHJldHVybiBGQUxTRTsNCg0KICAgICAgICByZXR1cm4gVFJVRTsNCn0g
Ly9yZWFkX3JlZ19wYXRoDQoNCmNvbnN0IHdjaGFyX3QgKiBfX3djc3N0cmkoDQogICAgICAgIGNv
bnN0IHdjaGFyX3QgICAgICAgICAgICogX1N0ciwNCiAgICAgICAgY29uc3Qgd2NoYXJfdCAgICAg
ICAgICAgKiBfU3ViU3RyICkNCnsNCiAgICAgICAgc2l6ZV90ICAgICAgICAgICAgICAgICAgY3dj
aHN0ciwgY3djaHN1YjsNCg0KICAgICAgICBjd2Noc3RyID0gd2NzbGVuKCBfU3RyICk7DQogICAg
ICAgIGN3Y2hzdWIgPSB3Y3NsZW4oIF9TdWJTdHIgKTsNCg0KICAgICAgICBpZiAoY3djaHN0ciA8
IGN3Y2hzdWIpDQogICAgICAgICAgICAgICAgcmV0dXJuIDA7DQoNCiAgICAgICAgZm9yIChjd2No
c3RyIC09IGN3Y2hzdWI7IDsgY3djaHN0ci0tLCBfU3RyKyspDQogICAgICAgIHsNCiAgICAgICAg
ICAgICAgICBpZiAoX3djc25pY21wKCBfU3RyLCBfU3ViU3RyLCBjd2Noc3ViICkgPT0gMCkNCiAg
ICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBfU3RyOw0KDQogICAgICAgICAgICAgICAgaWYg
KGN3Y2hzdHIgPT0gMCkgYnJlYWs7DQogICAgICAgIH0NCg0KICAgICAgICByZXR1cm4gMDsNCn0g
Ly9fX3djc3N0cmkNCg0KQk9PTCB0cnlfZGVmYXVsdHMoDQogICAgICAgIExQQ1dTVFIgICAgICAg
ICAgICAgICAgIHdzek15RmlsZU5hbWUgKQ0Kew0KICAgICAgICBMUENXU1RSICAgICAgICAgICAg
ICAgICB3c3pkbGw7DQoNCiAgICAgICAgaWYgKF9fd2Nzc3RyaSggd3N6TXlGaWxlTmFtZSwgTCJh
c3A1MSIgKSkNCiAgICAgICAgew0KICAgICAgICAgICAgICAgIGlmICggcmVhZF9yZWdfcGF0aCgg
TCJTT0ZUV0FSRVxcQ2xhc3Nlc1xcQ0xTSURcXCINCiAgICAgICAgICAgICAgICAgICAgICAgIEwi
e0Q5N0E2REEwLUE4NjEtMTFjZi05M0FFLTAwQTBDOTBDMkJEOH1cXCINCiAgICAgICAgICAgICAg
ICAgICAgICAgIEwiSW5wcm9jU2VydmVyMzIiLCBOVUxMICkgKQ0KICAgICAgICAgICAgICAgIHsN
CiAgICAgICAgICAgICAgICAgICAgICAgIHJldHVybiBUUlVFOw0KICAgICAgICAgICAgICAgIH0N
Cg0KICAgICAgICAgICAgICAgIHdzemRsbCA9IEwiXFxhc3A1MS5kbGwiOw0KICAgICAgICB9DQog
ICAgICAgIGVsc2UgaWYgKF9fd2Nzc3RyaSggd3N6TXlGaWxlTmFtZSwgTCJhc3AiICkpDQogICAg
ICAgIHsNCiAgICAgICAgICAgICAgICBpZiAoIHJlYWRfcmVnX3BhdGgoIEwiU09GVFdBUkVcXENs
YXNzZXNcXENMU0lEXFwiDQogICAgICAgICAgICAgICAgICAgICAgICBMIntEOTdBNkRBMC1BODYx
LTExY2YtOTNBRS0wMEEwQzkwQzJCRDh9XFwiDQogICAgICAgICAgICAgICAgICAgICAgICBMIklu
cHJvY1NlcnZlcjMyIiwgTlVMTCApICkNCiAgICAgICAgICAgICAgICB7DQogICAgICAgICAgICAg
ICAgICAgICAgICByZXR1cm4gVFJVRTsNCiAgICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAg
ICAgICB3c3pkbGwgPSBMIlxcYXNwLmRsbCI7DQogICAgICAgIH0NCiAgICAgICAgZWxzZSBpZiAo
X193Y3NzdHJpKCB3c3pNeUZpbGVOYW1lLCBMImh0dHBvZGJjIiApKQ0KICAgICAgICAgICAgICAg
IHdzemRsbCA9IEwiXFxodHRwb2RiYy5kbGwiOw0KICAgICAgICBlbHNlIGlmIChfX3djc3N0cmko
IHdzek15RmlsZU5hbWUsIEwic3NpbmMiICkpDQogICAgICAgICAgICAgICAgd3N6ZGxsID0gTCJc
XHNzaW5jLmRsbCI7DQogICAgICAgIGVsc2UgaWYgKF9fd2Nzc3RyaSggd3N6TXlGaWxlTmFtZSwg
TCJ1cmxhdXRoIiApKQ0KICAgICAgICAgICAgICAgIHdzemRsbCA9IEwiXFx1cmxhdXRoLmRsbCI7
DQogICAgICAgIGVsc2UgaWYgKF9fd2Nzc3RyaSggd3N6TXlGaWxlTmFtZSwgTCJ3M2lzYXBpIiAp
KQ0KICAgICAgICAgICAgICAgIHdzemRsbCA9IEwiXFx3M2lzYXBpLmRsbCI7DQogICAgICAgIGVs
c2UgICAgcmV0dXJuIEZBTFNFOw0KDQogICAgICAgIGlmICggcmVhZF9yZWdfcGF0aCggTCJTT0ZU
V0FSRVxcTWljcm9zb2Z0XFxJbmV0U3RwIiwNCiAgICAgICAgICAgICAgICBMIkluc3RhbGxQYXRo
IiApICYmDQogICAgICAgICAgICAgKCAoc2l6ZW9mKGdfd3N6SVNBUEkpIC8gc2l6ZW9mKGdfd3N6
SVNBUElbMF0pKSAtDQogICAgICAgICAgICAgICB3Y3NsZW4oIGdfd3N6SVNBUEkgKSApID4gKHdj
c2xlbiggd3N6ZGxsICkgKyAxKSApDQogICAgICAgIHsNCiAgICAgICAgICAgICAgICB3Y3NjYXQo
IGdfd3N6SVNBUEksIHdzemRsbCApOw0KICAgICAgICAgICAgICAgIHJldHVybiBUUlVFOw0KICAg
ICAgICB9DQoNCiAgICAgICAgZ193c3pJU0FQSVswXSA9IEwnXDAnOw0KICAgICAgICByZXR1cm4g
RkFMU0U7DQp9IC8vdHJ5X2RlZmF1bHRzDQoNCkJPT0wgbG9hZF9pc2FwaSgpDQp7DQogICAgICAg
IExQQ1dTVFIgICAgICAgICAgICAgICAgIHdjcDsNCiAgICAgICAgc2l6ZV90ICAgICAgICAgICAg
ICAgICAgaTsNCg0KICAgICAgICBFbnRlckNyaXRpY2FsU2VjdGlvbiggJmdfY3NXcmFwcGVycyAp
Ow0KDQogICAgICAgIF9fdHJ5DQogICAgICAgIHsNCiAgICAgICAgICAgICAgICBpZiAoZ19obUlT
QVBJICE9IE5VTEwpDQogICAgICAgICAgICAgICAgICAgICAgICByZXR1cm4gVFJVRTsNCg0KICAg
ICAgICAgICAgICAgIHdjcCA9IHdjc3JjaHIoIGdfd3N6TXlzZWxmLCBMJ1xcJyApOw0KICAgICAg
ICAgICAgICAgIGlmICh3Y3ApIHdjcCsrOyBlbHNlIHdjcCA9IGdfd3N6TXlzZWxmOw0KDQogICAg
ICAgICAgICAgICAgaWYgKCFyZWFkX3JlZ19wYXRoKCBMIlNPRlRXQVJFXFxpaXNzZW1pMSIsIHdj
cCApKQ0KICAgICAgICAgICAgICAgIHsNCiAgICAgICAgICAgICAgICAgICAgICAgIGlmICghdHJ5
X2RlZmF1bHRzKCB3Y3AgKSkNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcmV0dXJu
IEZBTFNFOw0KICAgICAgICAgICAgICAgIH0NCg0KICAgICAgICAgICAgICAgIGdfaG1JU0FQSSA9
IExvYWRMaWJyYXJ5VyggZ193c3pJU0FQSSApOw0KICAgICAgICAgICAgICAgIGlmIChnX2htSVNB
UEkgPT0gTlVMTCkgcmV0dXJuIEZBTFNFOw0KDQogICAgICAgICAgICAgICAgZm9yICggaSA9IDA7
DQogICAgICAgICAgICAgICAgICAgICAgaSA8IChzaXplb2YoTE9PS1VQKSAvIHNpemVvZihMT09L
VVBbMF0pKTsgaSsrICkNCiAgICAgICAgICAgICAgICB7DQogICAgICAgICAgICAgICAgICAgICAg
ICAqKHZvaWQgKiAqKShMT09LVVBbaV0ucHBmbikgPQ0KICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAodm9pZCAqKUdldFByb2NBZGRyZXNzKA0KICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgIGdfaG1JU0FQSSwgTE9PS1VQW2ldLnN6ICk7DQogICAgICAgICAgICAg
ICAgfQ0KICAgICAgICB9DQogICAgICAgIF9fZmluYWxseQ0KICAgICAgICB7DQogICAgICAgICAg
ICAgICAgTGVhdmVDcml0aWNhbFNlY3Rpb24oICZnX2NzV3JhcHBlcnMgKTsNCiAgICAgICAgfQ0K
DQogICAgICAgIHJldHVybiBUUlVFOw0KfSAvL2xvYWRfaXNhcGkNCg0KLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KLy8gSVNB
UEkgZXh0ZW5zaW9uIHJlcGxhY2VtZW50IGV4cG9ydHMNCi8vLy8vLy8vLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8NCg0KQk9PTCBXSU5BUEkg
QXNwU3RhdHVzSHRtbER1bXAoDQogICAgICAgIFBWT0lEICAgICAgICAgICAgICAgICAgIHBBcmcw
LA0KICAgICAgICBQVk9JRCAgICAgICAgICAgICAgICAgICBwQXJnMSApDQp7DQogICAgICAgIGlm
ICghbG9hZF9pc2FwaSgpIHx8IGdfcGZuQXNwU3RhdHVzSHRtbER1bXAgPT0gTlVMTCkNCiAgICAg
ICAgICAgICAgICByZXR1cm4gRkFMU0U7DQoNCiAgICAgICAgcmV0dXJuIGdfcGZuQXNwU3RhdHVz
SHRtbER1bXAoIHBBcmcwLCBwQXJnMSApOw0KfSAvL0FzcFN0YXR1c0h0bWxEdW1wDQoNClNUREFQ
SSBEbGxDYW5VbmxvYWROb3coKQ0Kew0KICAgICAgICBpZiAoIWxvYWRfaXNhcGkoKSB8fCBnX3Bm
bkRsbENhblVubG9hZE5vdyA9PSBOVUxMKQ0KICAgICAgICAgICAgICAgIHJldHVybiBTX09LOw0K
DQogICAgICAgIHJldHVybiBnX3BmbkRsbENhblVubG9hZE5vdygpOw0KfSAvL0RsbENhblVubG9h
ZE5vdw0KDQpTVERBUEkgRGxsR2V0Q2xhc3NPYmplY3QoDQogICAgICAgIFJFRkNMU0lEICAgICAg
ICAgICAgICAgIHJjbHNpZCwNCiAgICAgICAgUkVGSUlEICAgICAgICAgICAgICAgICAgcmlpZCwN
CiAgICAgICAgTFBWT0lEICAgICAgICAgICAgICAgICAgKiBwcHYgKQ0Kew0KICAgICAgICBpZiAo
IWxvYWRfaXNhcGkoKSB8fCBnX3BmbkRsbEdldENsYXNzT2JqZWN0ID09IE5VTEwpDQogICAgICAg
ICAgICAgICAgcmV0dXJuIEVfVU5FWFBFQ1RFRDsNCg0KICAgICAgICByZXR1cm4gZ19wZm5EbGxH
ZXRDbGFzc09iamVjdCggcmNsc2lkLCByaWlkLCBwcHYgKTsNCn0gLy9EbGxHZXRDbGFzc09iamVj
dA0KDQpTVERBUEkgRGxsUmVnaXN0ZXJTZXJ2ZXIoKQ0Kew0KICAgICAgICBpZiAoIWxvYWRfaXNh
cGkoKSB8fCBnX3BmbkRsbFJlZ2lzdGVyU2VydmVyID09IE5VTEwpDQogICAgICAgICAgICAgICAg
cmV0dXJuIEVfVU5FWFBFQ1RFRDsNCg0KICAgICAgICByZXR1cm4gZ19wZm5EbGxSZWdpc3RlclNl
cnZlcigpOw0KfSAvL0RsbFJlZ2lzdGVyU2VydmVyDQoNClNUREFQSSBEbGxVbnJlZ2lzdGVyU2Vy
dmVyKCkNCnsNCiAgICAgICAgaWYgKCFsb2FkX2lzYXBpKCkgfHwgZ19wZm5EbGxVbnJlZ2lzdGVy
U2VydmVyID09IE5VTEwpDQogICAgICAgICAgICAgICAgcmV0dXJuIEVfVU5FWFBFQ1RFRDsNCg0K
ICAgICAgICByZXR1cm4gZ19wZm5EbGxVbnJlZ2lzdGVyU2VydmVyKCk7DQp9IC8vRGxsVW5yZWdp
c3RlclNlcnZlcg0KDQpCT09MIFdJTkFQSSBHZXRFeHRlbnNpb25WZXJzaW9uKA0KICAgICAgICBI
U0VfVkVSU0lPTl9JTkZPICAgICAgICAqIHBWZXIgKQ0Kew0KICAgICAgICBpZiAoIWxvYWRfaXNh
cGkoKSB8fCBnX3BmbkdldEV4dGVuc2lvblZlcnNpb24gPT0gTlVMTCkNCiAgICAgICAgICAgICAg
ICByZXR1cm4gRkFMU0U7DQoNCiAgICAgICAgcmV0dXJuIGdfcGZuR2V0RXh0ZW5zaW9uVmVyc2lv
biggcFZlciApOw0KfSAvL0dldEV4dGVuc2lvblZlcnNpb24NCg0KRFdPUkQgV0lOQVBJIEh0dHBF
eHRlbnNpb25Qcm9jKA0KICAgICAgICBFWFRFTlNJT05fQ09OVFJPTF9CTE9DSyAqIHBFQ0IgKQ0K
ew0KICAgICAgICBIU0VfQ1VTVE9NX0VSUk9SX0lORk8gICBoc2VlcnI7DQogICAgICAgIEJPT0wg
ICAgICAgICAgICAgICAgICAgIGZkYW5nZXI7DQogICAgICAgIGNvbnN0IGNoYXIgICAgICAgICAg
ICAgICogY3A7DQoNCiAgICAgICAgaWYgKCFsb2FkX2lzYXBpKCkgfHwgZ19wZm5IdHRwRXh0ZW5z
aW9uUHJvYyA9PSBOVUxMKQ0KICAgICAgICAgICAgICAgIHJldHVybiBIU0VfU1RBVFVTX0VSUk9S
Ow0KDQogICAgICAgIGlmIChwRUNCICE9IE5VTEwgJiYgcEVDQi0+bHBzelBhdGhUcmFuc2xhdGVk
ICE9IE5VTEwpDQogICAgICAgIHsNCiAgICAgICAgICAgICAgICBmZGFuZ2VyID0gRkFMU0U7DQoN
CiAgICAgICAgICAgICAgICBpZiAoc3RyY2hyKCBwRUNCLT5scHN6UGF0aFRyYW5zbGF0ZWQsICc7
JyApKQ0KICAgICAgICAgICAgICAgICAgICAgICAgZmRhbmdlciA9IFRSVUU7DQoNCiNpZiAxIC8v
IGFsc28gY2hlY2sgZm9yIGNvbG9uIHRoYXQgZG9lc24ndCBiZWxvbmcNCiAgICAgICAgICAgICAg
ICBjcCA9IHBFQ0ItPmxwc3pQYXRoVHJhbnNsYXRlZDsNCg0KICAgICAgICAgICAgICAgIGlmICgg
Y3BbMF0gPT0gJ1xcJyAmJiBjcFsxXSA9PSAnXFwnICYmDQogICAgICAgICAgICAgICAgICAgICAo
Y3BbMl0gPT0gJy4nIHx8IGNwWzJdID09ICc/JykgJiYNCiAgICAgICAgICAgICAgICAgICAgIGNw
WzNdID09ICdcXCcgJiYgY3BbNF0gIT0gJ1wwJyAmJiBjcFs1XSA9PSAnOicgKQ0KICAgICAgICAg
ICAgICAgIHsNCiAgICAgICAgICAgICAgICAgICAgICAgIGNwICs9IDY7DQogICAgICAgICAgICAg
ICAgfQ0KICAgICAgICAgICAgICAgIGVsc2UgaWYgKCBjcFswXSA9PSAnXFwnICYmIGNwWzFdID09
ICc/JyAmJg0KICAgICAgICAgICAgICAgICAgICAgICAgICBjcFsyXSA9PSAnPycgJiYgY3BbM10g
PT0gJ1xcJyAmJg0KICAgICAgICAgICAgICAgICAgICAgICAgICBjcFs0XSAhPSAnXDAnICYmIGNw
WzVdID09ICc6JyApDQogICAgICAgICAgICAgICAgew0KICAgICAgICAgICAgICAgICAgICAgICAg
Y3AgKz0gNjsNCiAgICAgICAgICAgICAgICB9DQogICAgICAgICAgICAgICAgZWxzZSBpZiAoY3Bb
MF0gIT0gJ1wwJyAmJiBjcFsxXSA9PSAnOicpDQogICAgICAgICAgICAgICAgew0KICAgICAgICAg
ICAgICAgICAgICAgICAgY3AgKz0gMjsNCiAgICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAg
ICAgICBpZiAoc3RyY2hyKCBjcCwgJzonICkpDQogICAgICAgICAgICAgICAgICAgICAgICBmZGFu
Z2VyID0gVFJVRTsNCiNlbmRpZg0KDQogICAgICAgICAgICAgICAgaWYgKGZkYW5nZXIpDQogICAg
ICAgICAgICAgICAgew0KICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHBFQ0ItPlNlcnZlclN1
cHBvcnRGdW5jdGlvbiAhPSBOVUxMKQ0KICAgICAgICAgICAgICAgICAgICAgICAgew0KICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICBwRUNCLT5TZXJ2ZXJTdXBwb3J0RnVuY3Rpb24oDQog
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgcEVDQi0+Q29ubklELA0KICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIEhTRV9SRVFfU0VORF9SRVNQT05T
RV9IRUFERVIsDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIjQwMyBG
b3JiaWRkZW4iLA0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIE5VTEws
IE5VTEwgKTsNCg0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBoc2VlcnIucHN6U3Rh
dHVzID0gIjQwMyBGb3JiaWRkZW4iOw0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBo
c2VlcnIudUh0dHBTdWJFcnJvciA9IDU5Ow0KDQogICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgIHBFQ0ItPlNlcnZlclN1cHBvcnRGdW5jdGlvbigNCiAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICBwRUNCLT5Db25uSUQsDQogICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgSFNFX1JFUV9TRU5EX0NVU1RPTV9FUlJPUiwNCiAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAmaHNlZXJyLCBOVUxMLCBOVUxMICk7DQogICAgICAg
ICAgICAgICAgICAgICAgICB9IC8vaWYocEVDQi0+U2VydmVyU3VwcG9ydEZ1bmN0aW9uKQ0KDQog
ICAgICAgICAgICAgICAgICAgICAgICBwRUNCLT5kd0h0dHBTdGF0dXNDb2RlID0gNDAzOw0KDQog
ICAgICAgICAgICAgICAgICAgICAgICByZXR1cm4gSFNFX1NUQVRVU19TVUNDRVNTOw0KICAgICAg
ICAgICAgICAgIH0gLy9pZihmZGFuZ2VyKQ0KICAgICAgICB9IC8vaWYocEVDQiYmcEVDQi0+bHBz
elBhdGhUcmFuc2xhdGVkKQ0KDQogICAgICAgIHJldHVybiBnX3Bmbkh0dHBFeHRlbnNpb25Qcm9j
KCBwRUNCICk7DQp9IC8vSHR0cEV4dGVuc2lvblByb2MNCg0KQk9PTCBXSU5BUEkgVGVybWluYXRl
RXh0ZW5zaW9uKA0KICAgICAgICBEV09SRCAgICAgICAgICAgICAgICAgICBkd0ZsYWdzICkNCnsN
CiAgICAgICAgaWYgKCFsb2FkX2lzYXBpKCkgfHwgZ19wZm5UZXJtaW5hdGVFeHRlbnNpb24gPT0g
TlVMTCkNCiAgICAgICAgICAgICAgICByZXR1cm4gRkFMU0U7DQoNCiAgICAgICAgcmV0dXJuIGdf
cGZuVGVybWluYXRlRXh0ZW5zaW9uKCBkd0ZsYWdzICk7DQp9IC8vVGVybWluYXRlRXh0ZW5zaW9u
DQoNCi8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8vLy8NCi8vIERMTCBpbml0aWFsaXphdGlvbg0KLy8vLy8vLy8vLy8vLy8vLy8vLy8v
Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLw0KDQpCT09MIFdJTkFQ
SSBEbGxNYWluKA0KICAgICAgICBISU5TVEFOQ0UgICAgICAgICAgICAgICBoaW5zdERMTCwNCiAg
ICAgICAgRFdPUkQgICAgICAgICAgICAgICAgICAgZmR3UmVhc29uLA0KICAgICAgICBMUFZPSUQg
ICAgICAgICAgICAgICAgICBscHZSZXNlcnZlZCApDQp7DQogICAgICAgIERXT1JEICAgICAgICAg
ICAgICAgICAgIGN3Y2g7DQoNCiAgICAgICAgaWYgKGZkd1JlYXNvbiA9PSBETExfUFJPQ0VTU19B
VFRBQ0gpDQogICAgICAgIHsNCiAgICAgICAgICAgICAgICBjd2NoID0gR2V0TW9kdWxlRmlsZU5h
bWVXKCBoaW5zdERMTCwgZ193c3pNeXNlbGYsDQogICAgICAgICAgICAgICAgICAgICAgICAoICgg
c2l6ZW9mKGdfd3N6TXlzZWxmKSAvDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgc2l6ZW9m
KGdfd3N6TXlzZWxmWzBdKSApIC0gMSApICk7DQoNCiAgICAgICAgICAgICAgICBpZiAoIGN3Y2gg
PT0gMCB8fA0KICAgICAgICAgICAgICAgICAgICAgY3djaCA+PSAoICggc2l6ZW9mKGdfd3N6TXlz
ZWxmKSAvDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBzaXplb2YoZ193c3pNeXNl
bGZbMF0pICkgLSAxICkgKQ0KICAgICAgICAgICAgICAgIHsNCiAgICAgICAgICAgICAgICAgICAg
ICAgIHJldHVybiBGQUxTRTsNCiAgICAgICAgICAgICAgICB9DQoNCiAgICAgICAgICAgICAgICBJ
bml0aWFsaXplQ3JpdGljYWxTZWN0aW9uKCAmZ19jc1dyYXBwZXJzICk7DQogICAgICAgICAgICAg
ICAgZ19obUlTQVBJID0gTlVMTDsNCiAgICAgICAgICAgICAgICBnX3dzeklTQVBJWzBdID0gTCdc
MCc7DQogICAgICAgIH0NCiAgICAgICAgZWxzZSBpZiAoZmR3UmVhc29uID09IERMTF9QUk9DRVNT
X0RFVEFDSCkNCiAgICAgICAgew0KICAgICAgICAgICAgICAgIC8vIGRvIHRoaXMgaW4gVGVybWlu
YXRlRXh0ZW5zaW9uPw0KICAgICAgICAgICAgICAgIC8vaWYgKGdfaG1JU0FQSSAhPSBOVUxMKQ0K
ICAgICAgICAgICAgICAgIC8vew0KICAgICAgICAgICAgICAgIC8vICAgICAgICBGcmVlTGlicmFy
eSggZ19obUlTQVBJICk7DQogICAgICAgICAgICAgICAgLy8gICAgICAgIGdfaG1JU0FQSSA9IE5V
TEw7DQogICAgICAgICAgICAgICAgLy99DQoNCiAgICAgICAgICAgICAgICBEZWxldGVDcml0aWNh
bFNlY3Rpb24oICZnX2NzV3JhcHBlcnMgKTsNCiAgICAgICAgfQ0KDQogICAgICAgIHJldHVybiBU
UlVFOw0KfSAvL0RsbE1haW4NCg=--001636c928016bbed5047bce15ba--
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
