From 43b2b9806eb95aa3f256c1d4dda1bcf758e94908 Mon Sep 17 00:00:00 2001
From: Justin Azoff <jazoff@illinois.edu>
Date: Fri, 3 Nov 2017 16:13:18 -0400
Subject: [PATCH] add a max_line_length flag to ContentLine_Analyzer

In ContentLine_Analyzer, prevent excessively long lines being assembled.
The line length will default to just under 16MB, but can be overriden on
a per-analyzer basis.  This is done for the finger,ident, and irc
analyzers.
---
 scripts/base/frameworks/notice/weird.bro        |   1 +
 src/analyzer/protocol/finger/Finger.cc          |   4 ++--
 src/analyzer/protocol/ident/Ident.cc            |   4 ++--
 src/analyzer/protocol/irc/IRC.cc                |   4 ++--
 src/analyzer/protocol/tcp/ContentLine.cc        |  13 +++++++++----
 src/analyzer/protocol/tcp/ContentLine.h         |   8 ++++++--
 .../weird.log                                   |  12 ++++++++++++
 .../btest/Traces/contentline-irc-5k-line.pcap   | Bin 0 -> 38967 bytes
 .../scripts/base/protocols/irc/longline.test    |   6 ++++++
 9 files changed, 40 insertions(+), 12 deletions(-)
 create mode 100644 testing/btest/Baseline/scripts.base.protocols.irc.longline/weird.log
 create mode 100644 testing/btest/Traces/contentline-irc-5k-line.pcap
 create mode 100644 testing/btest/scripts/base/protocols/irc/longline.test

diff --git a/scripts/base/frameworks/notice/weird.bro b/scripts/base/frameworks/notice/weird.bro
index 6c8ba14974..42bed543ee 100644
--- a/scripts/base/frameworks/notice/weird.bro
+++ b/scripts/base/frameworks/notice/weird.bro
@@ -106,6 +106,7 @@ export {
 		["baroque_SYN"]                         = ACTION_LOG,
 		["base64_illegal_encoding"]             = ACTION_LOG,
 		["connection_originator_SYN_ack"]       = ACTION_LOG_PER_ORIG,
+		["contentline_size_exceeded"]           = ACTION_LOG,
 		["corrupt_tcp_options"]                 = ACTION_LOG_PER_ORIG,
 		["crud_trailing_HTTP_request"]          = ACTION_LOG,
 		["data_after_reset"]                    = ACTION_LOG,
diff --git a/src/analyzer/protocol/finger/Finger.cc b/src/analyzer/protocol/finger/Finger.cc
index a9818ff7af..e1be27e795 100644
--- a/src/analyzer/protocol/finger/Finger.cc
+++ b/src/analyzer/protocol/finger/Finger.cc
@@ -17,9 +17,9 @@ Finger_Analyzer::Finger_Analyzer(Connection* conn)
 : tcp::TCP_ApplicationAnalyzer("FINGER", conn)
 	{
 	did_deliver = 0;
-	content_line_orig = new tcp::ContentLine_Analyzer(conn, true);
+	content_line_orig = new tcp::ContentLine_Analyzer(conn, true, 1000);
 	content_line_orig->SetIsNULSensitive(true);
-	content_line_resp = new tcp::ContentLine_Analyzer(conn, false);
+	content_line_resp = new tcp::ContentLine_Analyzer(conn, false, 1000);
 	AddSupportAnalyzer(content_line_orig);
 	AddSupportAnalyzer(content_line_resp);
 	}
diff --git a/src/analyzer/protocol/ident/Ident.cc b/src/analyzer/protocol/ident/Ident.cc
index f668be921c..9601be7562 100644
--- a/src/analyzer/protocol/ident/Ident.cc
+++ b/src/analyzer/protocol/ident/Ident.cc
@@ -17,8 +17,8 @@ Ident_Analyzer::Ident_Analyzer(Connection* conn)
 	{
 	did_bad_reply = did_deliver = 0;
 
-	orig_ident = new tcp::ContentLine_Analyzer(conn, true);
-	resp_ident = new tcp::ContentLine_Analyzer(conn, false);
+	orig_ident = new tcp::ContentLine_Analyzer(conn, true, 1000);
+	resp_ident = new tcp::ContentLine_Analyzer(conn, false, 1000);
 
 	orig_ident->SetIsNULSensitive(true);
 	resp_ident->SetIsNULSensitive(true);
diff --git a/src/analyzer/protocol/irc/IRC.cc b/src/analyzer/protocol/irc/IRC.cc
index a26045f250..a69674eb50 100644
--- a/src/analyzer/protocol/irc/IRC.cc
+++ b/src/analyzer/protocol/irc/IRC.cc
@@ -21,9 +21,9 @@ IRC_Analyzer::IRC_Analyzer(Connection* conn)
 	orig_zip_status = NO_ZIP;
 	resp_zip_status = NO_ZIP;
 	starttls = false;
-	cl_orig = new tcp::ContentLine_Analyzer(conn, true);
+	cl_orig = new tcp::ContentLine_Analyzer(conn, true, 1000);
 	AddSupportAnalyzer(cl_orig);
-	cl_resp = new tcp::ContentLine_Analyzer(conn, false);
+	cl_resp = new tcp::ContentLine_Analyzer(conn, false, 1000);
 	AddSupportAnalyzer(cl_resp);
 	}
 
diff --git a/src/analyzer/protocol/tcp/ContentLine.cc b/src/analyzer/protocol/tcp/ContentLine.cc
index a830cc8a7d..f15a8851d7 100644
--- a/src/analyzer/protocol/tcp/ContentLine.cc
+++ b/src/analyzer/protocol/tcp/ContentLine.cc
@@ -7,14 +7,14 @@
 
 using namespace analyzer::tcp;
 
-ContentLine_Analyzer::ContentLine_Analyzer(Connection* conn, bool orig)
-: TCP_SupportAnalyzer("CONTENTLINE", conn, orig)
+ContentLine_Analyzer::ContentLine_Analyzer(Connection* conn, bool orig, int max_line_length)
+: TCP_SupportAnalyzer("CONTENTLINE", conn, orig), max_line_length(max_line_length)
 	{
 	InitState();
 	}
 
-ContentLine_Analyzer::ContentLine_Analyzer(const char* name, Connection* conn, bool orig)
-: TCP_SupportAnalyzer(name, conn, orig)
+ContentLine_Analyzer::ContentLine_Analyzer(const char* name, Connection* conn, bool orig, int max_line_length)
+: TCP_SupportAnalyzer(name, conn, orig), max_line_length(max_line_length)
 	{
 	InitState();
 	}
@@ -229,6 +229,11 @@ int ContentLine_Analyzer::DoDeliverOnce(int len, const u_char* data)
 	return seq_len; \
 	}
 
+		if ( offset > max_line_length )
+			{
+			Weird("contentline_size_exceeded");
+			EMIT_LINE
+			}
 		switch ( c ) {
 		case '\r':
 			// Look ahead for '\n'.
diff --git a/src/analyzer/protocol/tcp/ContentLine.h b/src/analyzer/protocol/tcp/ContentLine.h
index 7a5a6b996e..357b3d9527 100644
--- a/src/analyzer/protocol/tcp/ContentLine.h
+++ b/src/analyzer/protocol/tcp/ContentLine.h
@@ -10,9 +10,12 @@ namespace analyzer { namespace tcp {
 #define CR_as_EOL 1
 #define LF_as_EOL 2
 
+// Slightly smaller than 16MB so that the buffer is not unnecessarily resized to 32M.
+#define DEFAULT_MAX_LINE_LENGTH 16*1024*1024 - 100
+
 class ContentLine_Analyzer : public TCP_SupportAnalyzer {
 public:
-	ContentLine_Analyzer(Connection* conn, bool orig);
+	ContentLine_Analyzer(Connection* conn, bool orig, int max_line_length=DEFAULT_MAX_LINE_LENGTH);
 	~ContentLine_Analyzer();
 
 	void SupressWeirds(bool enable)
@@ -60,7 +63,7 @@ public:
 		{ return seq + length <= seq_to_skip; }
 
 protected:
-	ContentLine_Analyzer(const char* name, Connection* conn, bool orig);
+	ContentLine_Analyzer(const char* name, Connection* conn, bool orig, int max_line_length=DEFAULT_MAX_LINE_LENGTH);
 
 	virtual void DeliverStream(int len, const u_char* data, bool is_orig);
 	virtual void Undelivered(uint64 seq, int len, bool orig);
@@ -80,6 +83,7 @@ protected:
 	int offset;	// where we are in buf
 	int buf_len;	// how big buf is, total
 	unsigned int last_char;	// last (non-option) character scanned
+	int max_line_length; // how large of a line to accumulate before emitting and raising a weird
 
 	uint64_t seq;	// last seq number
 	uint64_t seq_to_skip;
diff --git a/testing/btest/Baseline/scripts.base.protocols.irc.longline/weird.log b/testing/btest/Baseline/scripts.base.protocols.irc.longline/weird.log
new file mode 100644
index 0000000000..b88f8724c5
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.protocols.irc.longline/weird.log
@@ -0,0 +1,12 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	weird
+#open	2017-11-03-19-17-18
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
+#types	time	string	addr	port	addr	port	string	string	bool	string
+1509735979.080381	CtPZjS20MLrsMUOJi2	127.0.0.1	50164	127.0.0.1	6667	contentline_size_exceeded	-	F	bro
+1509735979.080381	CtPZjS20MLrsMUOJi2	127.0.0.1	50164	127.0.0.1	6667	irc_line_size_exceeded	-	F	bro
+1509735981.241042	CtPZjS20MLrsMUOJi2	127.0.0.1	50164	127.0.0.1	6667	irc_invalid_command	-	F	bro
+#close	2017-11-03-19-17-18
diff --git a/testing/btest/Traces/contentline-irc-5k-line.pcap b/testing/btest/Traces/contentline-irc-5k-line.pcap
new file mode 100644
index 0000000000000000000000000000000000000000..94c8815af2e90197166ff9cf4fe096a1fd943b7c
GIT binary patch
literal 38967
zcmeI52|SeD`~Sz5HCam=D#{XL>`ThN?>l8T7=~etwM3hw1tHo~651r9MU+SzC8d-t
zl}H;A5&v^$F*8h0&-ZzL&;Rv(^?mMMcQbRA&wZWub)9qH=iW5el;koaSP|5P^nLmD
zao3lt<{(yr47f6b)ewP@+MI|$=*&VO5)cR`xPB%mXxvuGe8nU0bJm7$Dfh%81OnC_
z0Cm+t9k`O~DqE=N(A8DY_)LKHK>hASzLhx>Qb3T2gDcH#?twJddL1dCBQ?Q;IH`sp
zt|T3`+*hIWIyHkC@hcu+J)RY2VG>19Csp=QbQT{<bK_Y6OyHOg{v$1F?%;DFSed}e
z8b~07flqO;&SKJint)7h(s~7caM0!we{e+O@WE)j9Ew`B!T%klsDQqsrGmMelBI>C
zzm=YXFBS#M&1PcVz2{{V_{IbEz;c}v{0F~-tcNx^v{?unauy4@EU_GM+bqV04j_~G
zUBCxJh>(xQ1Y<(bei(0g96o@OwFnszj0ug9L&>WkLvW!u9~>?i8RCrzmG_N^pcI-9
zo2-dMMn^{zRl+DLNJ<G7lsq(^xHXI=E)IjmdLvcj6~v`nP$(^NM=fy+OlV|`c#OKL
zr>e4+I673$(Oyd&AEk+s*N|6~N2y4Q8>4-LaY#i46iPu!K}p=vCo+@}i9{*LD=3Rg
zVIzGpe$wJb7(Ch^7lTxiR|R#z7N;5xzBB&8q(Cu@#|lRfx5W8j{4r=hSRB^jfdBDP
z@J*$VlHt#}fB4@#kP9ob_=Q4TFi0pt@%9t=LGlGDllYxMOf+>gP)hRYhZx$cL@Fsp
zxQ02YnYmhljF}N}IvXUz&?aUv!*7&eK|m-lfs1HWq#q1b3ZzqC!4Gz@lFSl{48!8Q
z{bmFPr8qU1xb!_utsD&PtcWo+l@B^DNr_b#Ea1mf&eS&8t*j00?5yoT0uwD{#y?;Q
zx*R$|swe2m{DBKT?f`;+$^|{AC?y5-ZB)V{gOp9xZ3u>r%HeUYu(Ql`LI!1w`wyKE
zunNdgov@UV6XZjEBfRA!F_FIVXun8Meu@JmL~PK1>=GF5qzJTfF|fAOHHEQ72a@rR
z|7)KN<xmVE_nDt|i%*a+F;_reNiE1qNio1mDOO3>EiTqy6=coy$r0G5ztAzzpFur#
zrZpPH;FGuzH~Y6c$dtF3bb;!W6X6z!8~7W&14`2g&V?y(f$b-%FCd3jSO_7^dqyuO
z7U5A;P?uL%0As15yb`EKC&JF8;|T?c3;1#D8RZ9Er2M@9Jzfz5Y7jT{3tvB8YD6i?
zudiUCYZ4npFt@igi8YHc#e$rfu1-t>$$!Dsv0b1Zwfp^T7yq}9fsf^KDP(`;1F5OV
z5zsfXurt+Hit~1GL}76j#xa2mozPqG*PL(=I*;mv|Ftpjv2xR&^@;phN=X5I4ZMrJ
zvy!=en1gGS4IXRC_;9gT@2~mfB|Pp1W1xB__#`gGj{CPe2ppD(O8=W<;1laQ3V>hq
zzb9tU14LB7*CA2PF-qvTI6^?2FFM9a4P?z61iL*z@?RJP?+Jl=)c*Ikef-}(2tIL=
zq@ewk6Kvp+Ms|W#sHJI;qOHB3y0VqIznUZ5L(X(U_9RID3r=9w2KA^;_+J|YpSWM8
zkp7iVoSsrj^6RVln_?~93?l6?;Xz@pK0Y94rb~KZ@?UU?bT6m}#z3uq$3OrAE)e41
zJ`Q{m)dysVo$6Pv4m(OI$*&(4;%A5TcEp)kSSdxC+IfSVnXW!x50d|atJ|DGJ!<d!
z{fEE}A1Gvh<%8&Jl#&AaD3{>4I7LfuV}b?V7v+Fu?1V}<PxuQ?$h|}7g#WoAaO+75
z>0kLIzMN80KtCMo6zhy~jdnw+*abT1`6`2~nH>W<@vr!#+7{G<V_*dofD5tX{_PI(
zzkVDz43E|R)EM~bHl?J1zMihSnua3ABqTJ@#v(YvoN@na9RW4|LjThn1NDHfHP?Yp
z;zBe~AOuaAdBR}oY{Qf%|KoE|a1+EW{Ie%M1PJID0^<`NBE&4lXGEr-{7A|nF(K{&
zHz!km{K=CaPkz8-_CMwDZ}7|}iM+nCg^i7`l8SYlfh{Ho<>CV81T#B#3+(fM#o?Nu
z9-QQD1)s#_|H9!@0rCHHiZ^vW^Dlav*l^nOUy6XoR0u$IaNP5g5P&Dcu8{amJBRuQ
zSBYBBa)2tt%~Gx*5q~haBJlKi8l|X!esoZftC^y6cz}bCZaBsS%lOo1jU}i79RY#`
zTqT0`PhAtRA!p6(!L(P2em24rjg&#c%SXfuKS*C(2)I-ffmB7RDj}UI$#Pg+08TzE
zGyrUjSmjS$HBz9I{-3&P^hZ%rRzyMa%P4tiKq<<vuY|_v>ls^HL@PNFO#H2bK+eoz
zqs9Ux|8qg&$RJ1vfsr9TNbt{x8Y-UPx~N}>H$GTCA}RohQd16#k(-Jmy3Bv$30#~6
zKKsR0$Ulmw*TSIspBr^1dniQ(^n+DU*Z`D|y|2H&QIL|d9R_4E2q@x3BvRHtFzU!N
z2q+Lren>rVnK~j6jrEsPR)_(Yj6GHVjg-F|DQ%qG6!-sX<axeQj8arUpAh4qZ>Q*r
z#w!@vp$MjWa0kF3QYbs2e`fz=#2`{gLytOA-J3Y{grcJ(rgl<DB^C0ZLzhfx)xY~L
zcu2}{)cJ$4rj2VJ1>i3uNcIb*sDOTKu&uYHl2RPOilE>dp{L;uvKT~=HAw#Fc3w&h
zB1jpjOpF}@1{dm$k0nNr9JqG{2G73(&fgwzR{o&Gz%Rqa(VS9LK;Od33KgtqYZ)1W
z@<zuvn!|Y(gK&Z8G5)!5v0xA`qyfht=}#JP!Xt46G-<?v$2n6Y4t@H+arC$2=uA5$
zIDQ#NPp2jv{Q8(!J>77WkDi5<w*$sO*Oy@!?SwOCY8b&e_kTFAVth7*cto}ci3#xz
zKt~W`iFj|GoKGZyfD8RMDE@9xwC|Gnvq8~%9{QN*kbh*h4P%C={-<Z#e`0WfH)@g(
zXXpkO`t*O}=x@hSCcOXXPtBiN%ct&`{U_$*|9KeM{B$4XhxGF&9u!A}p?xuEMu9Xv
z=igBJ+o5!O>f+|F_EW8I;FU4*kn|5s#sBkIvifN(frDgUQY_&j@xF`>cp~UC{*9!+
z8%bTvQ}>qtDw5iyr)Ks4$W;A5k0g^niX?BOKI!c8wBzRKssF~%-;N<RIG_GgJGM5d
z!<3@`$YlLLkD;IM*))(EDB@@og~mr<2&6eX@jUa?{A+s7zp?bUV~HJ3p8i}c$<tiy
z{0C<8|9LEV{d7E1L#n9|V~IF5^MqqiWGIL!PYZadi|(-dXC?lPtzX9$d}z-IJhTTd
zb;A|95Ii`jT=_<a?%}_T_?kiZz}|`nC+;QkAx~2u{(}$gEj|Qw;#6iMjsXF<l6064
zRqUhJAwB$e;vVJUKSVm1;S(PsTwDNkU?_`#|40k73-}ZSD?AARlUaRnp`qZDZh_AM
z?)aX+k&?*i8I8vf(4GW1C74A?MX-BD5b$X45Rd>b29p*Z&xqIv0y@Mq)H?(XlBhY%
z)2g#XV&H>o)B>CsKTjMU6W|#Ll4q0T!2eUpVc-W3T{0dW5yqf2F`2$JTNoZkz=6tK
zQv&P}XnYjLcgjeJ1i|4KiT8$QNWph@m_SVBBAVqBOF%;c@NzUcowy|i>5wX*<4vGf
z=fdKAy|KhbQY1+Fq;#l8m(CM{iHJb^dCuGddmtu)fWyav;zWQ%8BU^^VZlVuR4Zo_
zlQCfoWH?EvX4D`iGpxZ&hzt!yV?D#X@#s+EhWLm!z<AvW;uXd`Tq$vn%%hK2YTV~5
zfw<46iF+8Y1yHBgop*)~p_^WZ6!-Z`#JJ~2outtjr0A^hn5k1YMz2F-kMcBopw1w)
zN5XTaj%mvu=<w6EYf8tQfleeRy$-ou%Aj3AiF`BKH7En@@s4Lj>}Ev}S0ZO-)*aWT
zaUR;Pps^zV+o_fTY)qnvk}EUl&7^T*+2S-eHidaCEUY&E4%#<bKBlbWy5alT-l2(o
z@}gmQ%0S<zOTlyZW;WRj=9XpbOe?tOATLuJV5D8~!F9GeD}S<TW^|05epd8o(1leA
z*6YmrPs^{qS=;1=zp6HAGf+5c$+2|B5i_UJ;g;wdKKswv@7kt>&pxv|v^CQIoLr;q
z_Ya!iSr2{sQQ6H=8e!SRzuv+sq1#W^*-l<Fv1E~*Q~tix%B^$Mv^WnaeBQa|qE2th
zim#d5U#*h&=x6FUER;U{Fgzi=Ic$aS!&<l4_wlZ$V^w$!hY18-@$(Z6!7(ML`XmNB
z`ws4ukus=rcf&?t1Xo10gvmZ`Fze|QUtH8`u|bH>b5i&k{~KY&b?ds*Hl!DNN2rGt
zn&#p46DQ?1s10!<T=}au_WR}?uj78cR$ZrpOTG1$@*2FG#<5k3(W*r~h${^%)2=qV
z2}kCBYWy~4amv+2Y0c541<nt}%EyY+pT;lW@+NRqs<eGAR_2jea=jH+dl#<FA$qN@
zs58HTvBNP$!CTK9_2-k_VZJ-sS~IT+3pH{pN?uL)%5%G71o8UH<@q8blgMO5^02jg
z$Nn_eC-q(n*k@M>GJiVY^4>g(lc{p`?KG*wdFE2F2L0D-wNe@{?pXe+*uu&0Omn!Z
z_zlUBd92!&XU?}t$^1w(x_oq^Ru$iW0i)Q^uX8CcHDt$VVU089ZD0G*Qw>(@3Z4=C
zqjt}6&Bo#-^lla&$g(|AEk1nb^X@#PjJfZ6`?k@iNtJ2OgX<LASGatuyyep(a=~mF
zKRf%&Wp_{B&pEg!!Oiac;KtT$ebYCJ^6`}lkITLc2wywh`<5kYM9cnTQA7Pfg;##c
z(yHPL9I`jg^SNuK_KV2d%bmcuy&k{hsiBS59LX(fV3{v0w5?LRLlwFF(9=W~u8|2|
zm5Q^5Hs`kZpu}S${k68qoIyT*v{mA5-_HInUR>;*paYE_Y5HS}y}Vu@+bX^@;hw$u
zn;j))wj7a4S4-b^M6rgU9gj(`-;nxvLki2h#9H$!r6D<X?E()4_r*o%WH|Sly_ecm
zEQj*mv~8o_`;7h7`RnrbExF;T&eEEx;P-e-W5xE_U!H2z*=8l)XqD6HanP?Ey_23&
z$a8Da<ax8NYZsgh5o~KXE4t>}=*yvb<NMB*e>|tZ?C44B#5lR;*RT6MZ=ObZ#q%h=
zTNpJrr-=~WVBhWMa+ot_C{PDEM|_#i-bsn7svYjCYVD~D#m+ooQ<^)^dEXX`ClU&Y
z=Gm{gcn+Ucc(6<$*7eH%)}_np#2%dAH7r|FkA2(6At7Fk@|llIJO87&K>wOS*AmSf
z^tRD;E7&7DdU$z)iZasz&s-SIxq4-OaNO=lv6t&!mOq+Ya|-ENu;juJ@5>vr+Xh|@
zOI%zMm%KqIg*Sb%Uqyr0oD+}ohqRiQHoZLFeyU=X=j<9A9S)axODjkIgKc$9B1;C^
zRx`P^NyvOTHIcdvv8k&2Y_$~2BIUd*dvfM$a4dPz00*ZHU~rng6EF~`ALJA?hPK0j
zX+{3ncp{(ND0T3LgVVCbQ0K!0E24=LL0n0L9A|^eg+I^{ksD>NnHuC)Lme>4u_%m)
z^gUx~I;(wo^TAyM&)4slj+z|O8+=-4)p_r0(Fe0#w@!-f@D5vevOikL9=p%vplI`#
zye46zkcuM*M0T}(<lFLfWp@77co}({D-v~M8nKv>Gg}wGb@lmi=XP-3A+G~h4it(j
z8CYe{V&0P)ZKE9|x23&4I{f8ve7-H=fPZ$?hkP}}LUpbx6B+AFkDHH1>~bDlUh>rY
z&Mpo_+KThMEU!Bpf<Av{j?t~Sp1ouIj;d9-=;EW&x(l9e)|)8W>GFDEYhjATm9*6#
z-t<d`voF}hwJgfLa>Xb4&ARFtE4II?VEgDMz!MQ?p;A14!8pjx$B1+Hc=Ll{6PYBz
z5^EvJmSfz5;TwxT?eb}`ICd|k<Yvm;DD?fk61Dk#-flNrWQ%t$Z_>+^FPH!JVC{C1
z@mLP@ut8GP13vLd?sZFq>jP}}4k*dw=K5$zu(>FE99h`DLbl=k%A~gJ>)pF~A9M?f
zj*BBbzuw!vB>mXJ^`<MOVy>=NUzc!^vrgX<abo+NT;sR<HG<z5s+~EjJnyRais0E*
zu2Qn>gl9!-JI6ot2|tq!Yn^pmx1Hb3!jPL&<4aL8;e-@(x{f;Mb%KAmc**tMC12;s
zNW|?Ny=N6HjbhH+F^jWw=iBxTJ@-^+MRZJTu3dL|V|%hhblA<I2U~{@v)wm%k6rev
zqd4hP!)?Kfp;wM5M#p=;HV{Q4)mOhyS)U=moO-fSXY+*F?e_|0&NXST!lF1zrO-UO
z*4l@8*(dw4LEKy17cZ*3fpu>dD?G`1bx~@(Zjz!WTkyN;YX-^KD|QpO`4={<eYChf
zW{HgZ>7yz=EJ6EO1LLo6dGqaii{ap=ugqW1+(~=<*tWO3Yiy6QUFq_tfiGVB^2@nh
z${4*_#EVYXWhs!DIJUh1u64FS@&$f_$R9Q}$dZnuuU9Weopv!C{7`(@YgtIV*!;Em
z>o=M`{=}p3!u9;Y7d8ry3r5F=c0Ipkk*|_EyU`<^zcZ?E|L&r<hw^qDW3kWP<S_Am
z-?b5&T8C2k=bTFik=2|g+N{M)Y-p65D38LLt3TxZ`Q49SnY;B^iLp~`DI4pK(vO(M
zFH`3}v90$>xU{w@s3-w+nps|<VlS3QAJICsXXEgN{@4x8$iwmTYd1*m3K8nr_)sQh
zZ<M0NXJJE2d3{00Q-zyWDY4p$Y#6H#tFl>?bXaTMz~xeR+w_i|ju_@$#-HTPMa7n^
zU)1TER<MIpd=-1I&{iAmcy3;F8M^ex+I@ZdSL)4bobP2?@V55&x-YB4PvtJ2J$M0s
z!XWM3x`EkDb5o;rZXUn?W_3`7pG@{P1^rtxZcD~;cA)ko%iVk=z{6U%=iL4GqHj}g
zrN%4?!D-CWy(Hw7^A)jnqOp5js)&TnOXDmdU3UV1_)+Z>Q7(24w^Lh^PJDj7GiccH
z-X@2=?r*nbB3eZ^GzJ|p{2=#gRP>Tnj`Xv1ao0n~6dbjJcnbU#L^q)LDn8l<Ditc%
z4A=P<^@w3xoF<;jnuqk-6fX?$e;Dm|>{ZsL52q|7%_sOjFLAHdYnR1U2VToazg)o`
zh_!v%w^{K#VxN11M9|3h54<T}S)-*-lkK@Od~AI0J!(!+f8cO_N%@gDTeTv#w}a{z
z;uiL-+AOwFzhOaXah0*geb4ga<JNqdw!$V|9|V&I9kP~~zb)vCDZ0^fTzsNSwDfJ1
z_n4w*<?(2r%d<c2Utf^nz37COjLz3;>+AWOG7O3etsW`76JXWRDKD7)=(Hm1(Dmp2
z*HC4Xllq*-uQa}APaKUfyP3S~=B#c0GJWm4&gstzUng(=%D<^Y`>mE)O4;a-lc86$
z59bD?E!mfDu;@+7U5}bmbFv>b<yI|Fa6Tqdws+`)zdwhqX(5lx#<N@9rCvmLF5I<l
zXL@YDfNsAgk4ybQ_S%4x4+USg?b>(&Q;@5*ZSGOGGY^~&tm@Cw?Ugvb_Dbfvr0%aA
zaZ5jB8Hio2YE+RvV&Sr!<#xb_wVh!+;h&qtyz+Gl$`75qq@ZphcRr8z^QX$>y^^(6
zimtp1?*|$EcrtFV#mcvV)heOIUG)0VS+f%PIgcx8=o)Oh>zn_fWsaGj$yKM|sG@tD
z9$!**lYSm}%%ctEVe#NcuD{whr;O!aS-+bnSqZICO&&CP@*q37uaEhH%tp6YgJxV=
zi_h-=el_`t1#(ZpXFgnyGlza+=O^Q<L*^ICIlm5g@aLi$uYJ6J%IoU>(RN)I_4{M-
z(M2oEr9zL|=Cu^JD$h@Im{@DqC?Z>q)N+0L`U-A%5z0nLc<!bPlY(Uj>=Pe3w{OID
z%Z_b`3NIgiZ!xr2S=c1uw8^cdYPIj<#L@^Sd}~j4Dm~tm>@iQfbX&W6%8#RQxy71o
zs|Gt4gpSV<Eiw(}Hglho<;SfYQ)gQ!`e@v|B6PdedZo^x?psfkG!MSr^!dOe*+t2t
zuWeKHUS%<jt=`Q&e5pFDr)gC+=bfXz?N+fn{Yw{W-4#<xZE<*!#?AhaFU8v8@$!Aj
zrE3Lxt`V%yFu#(>d{a@TXZ^6&Ip~Px=7R<`Q4{Ce)7$0kyP_sccJa#SX-dn)X6<&`
zx3$Z9Z$ewMTesERS913h()YagxT+LovG9gdXhP4i%{_6iKCF@4y;3CmD0cR>@`e>^
z+_T;br8u-bdS9C&J2on|Bji9uJlj}r)^nU?;vQFi{hny{o`$1V+vYf<2uqG%`cVFq
zr*<dr8jszdgp(yO7YtUs_0saIj=0~^70z*ZPv%XNc5QBF?_LojcD<0a!I;VVwHY3M
zGIqUjhK8tTJI>qgx)kj^e$l9MG?#6QeDkUAJy$lJ=x@y{UT{UZy52glG^Zoo-=dIh
z^rYn3mpD1B?3o4Yv`}|0{II{HyX$_7*Q?SmAD@NQv7Eb5an<03*SMi=OSQrW2^&d=
z!@Ie^j=lG~{)5v<u}AWriI2{~6yMw@W0B=-h|P8A=5ekC@z|4nPABhPUJ%**<7<a=
z8mEA1cf6{T&3p~Z<xI7DDZCvb4}TQ)1xm5@OFAI3_U*A*a#42ffsGyy&&oS~dfcuc
zUnJl-ywEPdFIf^3>V427AOD2gb)+Gkdtl*px0i@851$Ub;b)gbj(zEsc02L<W_9W6
z`Ez4RzpNt&-P-uAWOI#vG3&A&vBL}A9DQu@t$4A~m^Sm46lBZA-L4V7VTa6Hi)wIh
zAICafUefr~>*~N(6vyECMho4YIr{{Tzh$lIcl5QtRfIUX@zl0VR`&tztz+kB$NU&z
z-*x!@1-XjCefOfV$dfgjmSdTOzRVTcyEVzVZ{@<+fGlN!-VL?KYa%1g<h{JB{0bi7
zO@Jf3=|_r|y7WhQq-pHfc*{VPKq8+K56zJxJi=QIb*geX5b)-4xROsh=uAvI;;i|)
zfcy4Rt=pgoqWI?I<OF!;gqd~CGbR=mHqx|MLLBC?0s*MWbbO|!H7~tw3%F~(ri5pP
z0Nwgx0mhnXZW7`YO&*{*y}fQ}^qOQl>w#`4nEtm=+bbaswV-W640JAH=yk}pg+kkY
zrXvG%%s`vrO6F#CxrSbc&K?n954gL8!VB8tXm4mI?vKN9S()ma6Td(U)fiaVy^>y;
z#==%$;ZsH}T?KTEfOT*sTc{_>MXy7)u$4#*S_mE~p|#M=+SE#XnX@5r;eyt!VPIYH
zR(e$$>)!p$Is>3XJP!y?zLBjPZ#_n@L$>bSly#r!t@HNr^+Wpy1Y&}Mu_2+juyA|?
zAu=jDCN@r2Pv5}M$k@cx%-q7#%G$=(&fdY%$=Su#?Z2@O<Z8r#Yg|4(4=UGH#enNW
zMqck!0ViqU2~8TV&C~ot;<~Ds0oN@sF8>=D{T2T~uET)G^l>A5)6ckS#{jN(Xt+Wi
zTcFO3JK*a1G_I?s^-2;~?HC4J-$0$;iR*K~V>(y6;Gc0_tpm8$&~Sx3-axJiZs20Y
zG_Jz&^g1N2t952_l{AMszZ2I(fX8&MNjvCyP{)Ba9Dr*jl`G^SX%4x@4)V_6+LuMI
zL*lxIg8|ozQ0I5znhtnO=Q{k;@pa8Zz_px)E97xe7I6Kc0fKc}yrxb&?jm!2IFsx0
zxlreK;R<<(Xfn;<n!b%b&ZzOKlLNRGQ@KJO%jZI!Wli8HU>esddwLxbSDhRNT-QUL
z--)X>;4wX3ombHFpmNpq0$ht|xI!N5A=e2k>kO{z@$@<*uDV_fxOPIF--)YA$jo_@
z&`o+CRIYkbfNLHNSIDCia<%=+HiPTPC3+naS3RkjTvr%Co!^No2Jo03ul1kkdC+kE
z47eVla)mrr7(lMKc7i(xri}w4cj<M=Tt745dJ^jVPF!CA9@DvAOr+;Q<*Hu+xYFDf
zumbWp3Ar|lfy+VDxIW9I*CBD$ub9bIiXH0wPF(u|kLg^Q&(ZUsay3W<T+^xX3VBGe
zL#_)`xn{iQ`~|qthW0(@6OR-$ykre_VX~!<*zhU!!}pxSx=2uWx(&M`>1|NZn0N&1
zf%>}>`82oC*x;My#-s{$3`%Ft`JOA$>yUhFkjTKdSlE`|$+v3(kLg^)ed&2neQRg}
ze7lo|E98NNT+>W}Bd7J5p$d8(5?4bL23(t<&hNyv5b&7JHTVNP4=Pt9KEQPw4Ohsc
z33By+HFM54YZ<)`iK`LcOs>)zQ0I5zx)Jc0&b5D9|E1yj3~=2@<qCO7YpeuZ-^r2A
z`@oo`oKrJi$dKzZ23!wAo!^Bk<bjYU-A)JDl6fdsJfr79<!XEkaE+ni3V9rcI`b|8
zpwq^Ig;;tWQoI@;W59JB>ikYz)c}v_@oJb$&x6X<BoJ`L({P16#v#{bMl3V9PBhc&
zkhq!z&g3fN33Yxau9|?ybgmLedLC4+rV4;7mdX|Kknx0EYaY&=^OcOy>yWsbDlp)B
z6YBg<Tw4K;>0CEWJ10)Vbp&ul({P16ZbGg>YiG@f*KgBqWhHYRnaNdF66*X;T$2Eg
z8C<34<BZDHtQv6jq;iEkWF;Zj6IJXpZprmLO|L`#TS49MZ~i2TEaj%&k}JCb{>>la
zExAz%d&<sSI{bR8TUX_*V^Z<gSnZ>4i5sb92ff<$Nk1$@Ugf~o%5^ED5&lu<1P|*s
zFFH~AvZPycC;$0`Q{u>ZnHjNrS~Y|27q+ztS-8$`b*x!%s<onMGCpK<nfKfCUya)G
zLKeM}W!t$v*@&?7^?12*^M&q;lQm7;yv?hUEM^ZqUEM>FTz{qDba~p@2ltKFoXbXC
zPgGV8Zdxbl)HPzwRq*X(f$-vY6=y6;46gdso%<4pZJIME8fA>CuPQp!`;dKTh5lqz
zPVJoS>PhdP^n9~$Ijyek-H&Z^R*rnnD)vH@M@@R^oh(tSX10V&UxwWmwz28%Jm~U>
zl`HN*^~#=WWma!8!y}wu2l&|sG!vYQotZYUwOuPe72V&D+?pMA{ljh{SBd?H50=e(
zucQ3<-T8&qL4)OWc;Uwy!<PrM%f1x`jWi)oWV4k&Gq|^QbZx2Wcb}*<sSSg3mphbw
z5$}j+3l7>|XjfYF?aha6xl7s;8%!TOU8(7mzdMWNk;=0Omq6o#ufz4YO7<ec-L-2@
zR_wLmVf~iB)ACS@<j2w@aaG~X=k~uA5JEkiHS&0A>djl0b9_t95L&8pdX~E-h<_4!
z?~Ux#`)(Dj#%bKNmP@#N%&u9}ZJwp!4Giz6Z2^W6Y$h>r@rPABg0*MMA;jlQ)UK_2
zv+s@GTy;Eh(~p(AZpbOhiC)tEc%-rSsYP|w`mEcApM$Kvy#CUZU?TA}$qQ4{$)$$A
z?UL@f)oaOh1z-GHLXo}Wvh<XwQt{K`P6L)Y+g`PPs<yh>(znNHuw(U!oaGV2X0q|F
zfhLh!Lf0nSRN7ujzVJTS86CAHBHXiHu0itPtNOyo0A}GeXxleg3s}7xV)Z7i<t3Im
z^Kz%X-O8Ebm$E&+-RMJ3`dyKav+e~yIVJex+scJ+{LQ<YH=!_=ja-j~)ZMmh|GLNW
zlTv&(K4aTtNbs#tEt|f1k+(Vyee^GFu$Qs(UUx;iA^JJWuz1!51Jovsx3MP_uASlf
zqO)bqTamOaz3<AJ<?7v*k8WU^r4^KrzwM2O#Nyl!8<)@9;#c<K%n=#6eCOTCqMH44
zM*3RW)~#E5Bw(cb-H390W|QpvwjWnUC;2J^G%m8ut5ME+dU1cg+UNqFq>ZmO+zEVF
z&+B*3LrAo5Vs+Fe>E&gsm<{JIy?rBJJLvF64-@<WiNI&q1;8yXr~7i|s-ItxGuk!m
z@=;Yp_Fkc5SR4Pln&JDWg02_3bv;zSP}N?s@FUY+LHwgRg?UHz$vIW2dB}Wc6Vq%O
z7EJLnH$&dvsUW)7Cj82Ry!6cL6=$u)bwsan)>iD7)frkC6t!b$<L><DlM@dzb|7x{
z6{mC_w4b$M_H(WAZf)s7lZE#}F5(CI7JtIX+Z7zRci?{3Cx0%Z(U)uuF05=P^RlwU
zZ4T{r7f9Upb;+wcR)gzL;#4Nz*goE1-dOv9cXV0Bn~t)W$-_Fyia5hAC$>$<Giy%?
ztH#Vl!ojH?3{KMrIqoR>!HN3E$o8v)KSmZsGsuC#Np=I&ksq9SVoPN+y$)&TVOGsx
z=aCEt%in3|VF-9k=X!S@JrC;6!#o-6JX~qGLLSMGYk>&|f*D+!C9dE=-;kMW;)gK3
z4xN8QRz`6Qg8ex0IWJjokT1J|c&l^Kq8M%^<sS#{+V0vKx((;XA*A)5uf0%e5NVTf
znYBB68Pduv+jZBqV}qe{>U~oOAK6^u!;H%D&r_Ma=n*u@Jr?w;N;B2yU|RAbPM1rE
zq}DB37IZk5hkfEZk1J~F<BW0X_h()BaoDXJ-tnz+9^QYpDn4~UF`G%M!}o?&eCwGb
zxJJC2+5J9?j!oYp+~p=0ux089Cb!BMEq#ScaA(oddh+?vRfM&KTx%OHRVyjs#U6#{
z@4PL<e8yesWd<$x_{e;lAXM=h+hZfUhOC*#bKl2Wen0b(cYfGQK{xg2(!003J%t)9
z_kY&g$;@B3t3p22iP>*<kge%FSLRaPAuG{`X@U;5mxIb%9!A+6zHL2U3(2Qpd1KU3
zuS%DFhk0hU((CXw?}8Sr={LjH=dpLms|l;J#@OE*O1fU3f#te!y1r3Ys)a3qC)PVP
zH0aQRq*EhL#A;S$HW)_nCkYzo7dCq~ZD|lk``>zoZ7Uz|nw>4YuxPH>^@91rtu;fK
z=q)M_w^w4g_~tLLs@u}n(Gab5tV#7#nB-gm0~ra)laudGzc|93Qs6z5y+AoBBH|!3
zkKj%zTv^vmRPJ-(va5btm*>y3t`kq%zng2r_c)c2Lyx6Zj&DD2)>kc+h@6kFD-+M(
ztmAXvWsZ1j%<viUQd6(B!WTx?D3yQX^GG&bbn6`JhGK#I{@W%8JEY#5Sq<!}OBhKw
zGxsUW*XjfBd%T|zUM#f3>_&e!x*NPrxuati>(jgqT}d{D`+To<sU-Sk>`Cv_Z+gCT
z*om3fRUoc0XKApAe!+{leWPrfHomz~f*;+}RCnZHb=P-6)+Ke=s8bS?<8Ei4-5(SA
zlJ2yI)A@mJTE?jQ?W}8(lBa{-h76i5w%DpsoA+{iSV@`Mkhl`_oH@CKB<*X7V}|Up
z4V^0`uRRjz+Go8~ytA{n+91v}>PM@wD&F8-x64Y&#LTD8n>BU#%N_}qqQ;g)3ii$o
zJaTSHl;Q1jCoVS}zyD*sS3<P6t8QN2qXY!fuQ}hlykasn^Y*f>9TSHe5XuGf3+j4H
zm$K`WjO=YKtb8A!u~;kQyt4IsnVUr)*XCe3r2?<t0G)<CP0XXQsIsoq?$8aUv4ty-
zJluEkV4Z=^RhiPNE>->tWO^KzTcE(P?;B;$?-L9k*E_LRBO_G0{8LCrxN>#CJFh3>
zmbQE4ZY)2eIWBo2^J|U1^U|LATn67Rwy|<Q5qx_0M@7h``O5+d^7GDU>d1SBBnH^l
z{qS!$l>St=dgB(q4A(RM8PSG3n8esKFO+!f!(;rl1R8=uu9fQ_5%R#kQ53y%&iVc-
z(Jfh5<cIcV4IG;zvj@TKS0xtVO~^J6U<pbb`_dEUeN}Ap*3Eqz58cL@mdw67a6DbN
zIVnuI$G-2lP5SQ5%_noOom1PtCBE85<pNu1HvR&S*<qnGCD&QL>A3MfYOVMF*f6Ko
zPk;Bp>xjm8&(rgo*FNVxtMjyiQ((jau|p)GORV?f{Jd`U^9p-=*GV6^y(Pvqv3|gS
z@9Xw87>Q>a7hg=h8da2kCi?M}gFTm1)7ZZ@-Fn7iyyl|3LCKiB%i+EDcOMzlN@W%f
zeT#qS&$Q<9^;=l(xhZ^#c2b(1`IYYuV#X#-_Ga|-xF2@jgJ|1dIot8Dk5r><+L6FD
zk(XQKbditk=l48|ac|gLV%yLweRQ@iFKW3f|IKT>^G1X!q}NOK9*xo(ZBbpvA{%k&
zd{JTV<<M>JEGjpT>jZriUt<4#qOw0csi$0ibGgR-Z5(dNk{wJbZ6|LTGnEIH?C24;
z<n9b?4Z$}p4_%!c7gBs-aL&2==^Rpq20V+S>hD>!$emSr6_6<TE&hWwqV~FTqmJvb
zz~$p@X)MMqx1WihZjNZrd;j5nm)UmAt);i_pxuXe_$@^`YWrUuUnq9j#Ps}KiBnBE
z^(DQB_9Lydb+;?-L4N*znmspDQ2qE=*Xw~opO342x9`qMUik^BrDedr^>HWK+1G`@
z+bhJrCzHVD-w^luQsDRC1?W<|y;jnjr8_!f$`LJh-m<g|96B7yfB8sp{>j>Rm&H(z
zulz{JO-);Nv{t7dEg)cAdGJPXV`P72;FrV@u7JMVdvBm#hU%Wxm^TkOtI_GS;+=bL
zjhZrk*Sc%l-di}=<(!c;(m(#*p?I#lQ|j|f^mY|Zi(#24k5!uj^S>JDb}V<A2rbwX
zVJ_F_U)m|Ad|kLZwfLA`zq)zlh>vN|_KZ+B0q!eBLah3ej*2X(j6)fwy;qzBY}-5z
z+&hNf-p%x3K+^dAO`{)dALPW=_}-EoeUstO*X36t`CRI1S-9Z$R4>1!T!&UmhYa?)
zvugg>x)PB(8G8A^#wX>XuNPg4KV{}2!hgGNz26>1Gw<$8T{l}~;$x1be>YSSf3cps
z-y{2!{Dkqv{CO#!fsv_Mna@1bcIp-oo+TaistV$$^5RI0z18io)1|C2<y(oZt<C2n
z$F8+)#km=NQui{kw3=996)jq5aplWV^wC+v8;rO%a`O%Pm({zZ3|^caezALKgkz3?
zj*#rZ&|8>IVnJurw=Bf%$=UeeOVq*Z*tWFI!y;;@pYPqdw>qUM_ICe8|2btXV@tCd
z5pQ+WRTc~1Yc6#Ty5(y+qOV!A6SI7BIIuuFf^*T{+k5PC4ezDDD(5=lz<e3;;fV5`
zJa)eb0pYi%vgLQyR)ls8i|$I=-h6!f(;f2XdHo7z8O>c`ZI_z3UFPNim7YT=pJlh?
zO}g2Wk9IzA*y5wKV~+7Yxsui|3oNB=a>jOlx?d3_xD8n|?^IkG%l9~C3|d?%Hlrc0
zjQhimft!~Lp39~MmC3Yq+bZ6C;Jw1>tL;)3rK3u_ma8I`iVdzXY<}(jwMt~K{+g}L
z)%U+hpX0GMzE$=4)1+!KVx9)dS5Y@l;zk_Xew#WMqq(p4Uw1)0$f}Weq?fdQ@%yUW
z!&rQT;psUqv(7cyiS^W;;nlEgu6sA;y2g8+M%KRYFx#cMi+HcDSRUqOmB}@%u;i=W
z{^Khi$mKp=ylt23Vh>gBL&mGF$E=Rb?*1h0Rkdqp(v9b<N-^Ge|KpFMbXbzHPmewf
z&JCJ#Ykyfsl#W)Z#C`dWLAerFmmxw6Th+V%ijh6SNYM`ix1%4*4fP2hGk(88nRl;?
zY?BRZ(5lCy@;(n8HjN}-n1%UHSpU+Zqs%PEUoCD}u=8#hQmS%Nwf<6`%Q9;_^!oHC
zxaem0>d3aCvZs=1Uxb(}l)cP&<^@&y-gtJmG>t7a*(^Q3efFJf-wx3dJ#7RtA=nBb
zT`hih{y<{$TI+e@+zVwy&UBvcJkTgnxo7EN+oQPS$G;7p9Z;|CU)A&cLCKKHfJ^Dk
zr7~NxnvP(L#Pegj=RWEGUa{|Tpm9WT8^OI2VR}60bm_wF;`YnDS8o<}@XR?UnlR+)
z^T@$kB`CA{LC{92o`M$xkrgp3lPV9g548HsQr6;OI<$a)b6NCp9VG?XlLF?hH9N+Q
zhx58CN>-%kI*<5li9)h{36+uB-e`zjvhR>;YH6p>^UycX^0iM?TeDrQ;J2Us_DR^0
z4B_xANj%pIG7tu*t=C>=?OB)qIAKNjN~tZnHl-XR_T#5L+2=}s$u;d#*0p=itAyZL
zHC`jwo*3F2tRH(g!2WuU;M?RaE6t47JYB2pHr)ML$9muG^7+?tH;c?3Fiy$lN*v3I
z=hxYWwZ6BltNx~Y*8+G%d<`5CPd~EmjG#XvCY?^%ug)VM5}nAmq?G2!8Xgf7PkY;L
zpLxkx><7ILX~trn%wWdS2anKyrx{BW;4y<M2R#q!jK#tR%vkJcxI!L%&_6L^GjAom
z)kUvE;%Z?tlj}-rsPj8<O$9urb9H<{&x6X<QUq|dpmK#gR$4=@?!_}N*UE38*CBDW
z6k))%1nT@wT=9U%bgr9!dYQ(u6L2-6;R<<_K(3LxGjAn*TgZ@W=S;40;1<7?CBGBb
zoq)%5uA|cQJgD(%RRFl^P`N@La&zSX*RQ)~Uaq}+h+c;juT}*NxPn{!<bIo59w85&
z-7_!OeiWtWLFH;42Doa{aD_b9L!Ix7!NuNbmuqtp=ygb3t-}~_ZHGF)OT0oJe4;aN
zB|WB0&x6X<2Ash}Dba9+Jldho-m^0=Ps*I6*CBDWQ73Zcr+oxVUYDYCfq_mcH@yyx
zJsR}(KplBqXphjjnfBZ@`~w|++ICTOmNC$IDn_qEZkGmV7Y^7%^Jp1KM;_SoTAgXe
zqjYQfrs)i2#E;xpB>t5x#*fmWLcyp&e3TAqN`l+X4Zv@>l5b(qX_<D34ZMYCNUCkL
z3h25Q+cA2S4i%c_h6;s`(m_oHpgDc~60T=xr#sMvm+ffUOVWZmnhbP4>C@|wZL5a1
z{Y+=GHWR`dv=6StHZmjJS?uU_YDnBj_P__#Y$<1OQ8?H(P?h-7Iq(UW`CtX7+qo;i
z=K`1j{?1G=8ZU<;0>}m%oDSfG2>k|W3{L`v(>!5E+#n7D$OSrAfH+*qhF@BuPOn2Y
zJc$Sr8eT+aIDD%X2dqn8@EGF2l?MMu@P(n#cuzlcgfAWw2H&eiEJ)0vl!s#AJ97#X
zf`gSf=#dgwb}^BD!75A$W@0JU<XP0jsXsOaTT;M)Nc*&wP>CpU03uD)A%aRo&4dZz
z3bqJWG7-l^+vthV>4*Rw(<vh1z?DQIG;QPuQnapQA-d2EY-qX*H)_*wh=g8=1EBAk
z=0dokaM*BXpmP;$0j^|&%a5zj>yQoZ8o3V|4h=p{XK*;EO6$Ui|8Fkj4Dk*HFO3Ib
z4V&W00ExgC`le8keD|B?!zm=IotO{~piOWkBeCh#`~w|`1dLCl3o0lAL<^BX$B`Fs
zTuyx_9kkUJY-76nj(E{;gM|INAHXgFY<)x%Z*Us~s1pEmzJOqXE6G--55ni@b;xa&
zkZJ>M2DVOi(b-A>wsC-GQOOHap%t2-j|(N>aac`Fd?Xg_3H~k&Vn!l52E0Qq0%0E+
zVh`R_7on-?i;V=Y?!$Wqpb4Jf4RDcI0)tFKAjk^DVf{RP@i_Q)I)rH`0Sz`37Ksl)
zdxG}_hRocQx1S#<ICD!85nw~%k?05lMTKGmu=pohcytIZ3aHVx$Jd+S8wjMZXzvKL
zrw@3YUN9JRuxRl9J=$VK76eQP8W&01G}vBm&tP=y%)(&g0vKce#O4?y#^Z5#gcXhe
z-ZQAF>4OfyfY$;>hJ^uy5%490FaW|C1QPQJ`T(E?l5!geB$~$%iNQ(?q|HEwZa>S6
z&@ok_*C7RxavLR(;A8MKK~D@MFjFEf(6${6Y+L`+AXo1FnQae%4(yC@rF6)4hJz~X
zEI>yDw2{6;5^ejV4%x=QR;(Pu_V<GJC;qHMz6Lr9z(}}~Y-L_Kbd+9)?2kl>t%xNv
zIns2<ceFuBjc@{ZO(g83AaG$wd&2Of3qb}&K~G{(jxPK`5rlOZI@Ab@i>7vJfAGuG
z7jzI1k2J#rea~UgXBgN(D)lQf(4oG#NH8?u8TWj2C};?2kRcBs)Gd*_K6Si^fTc-Y
zlw3H3*yK<gagd-L#E3;fI_%C=0g5(A^~6A<i0`-s?=%G_gn_^R2)L6wDWzm6@%PU_
zhTx{gJ+kwN10U=&{S4x;aoXH~+z&w<j>mvFyuoP4@D1op@6WGG7{%du3?&X3^=ENn
zZzdf#PcX3UcoDrOjcr?hW*e9DOxs4Q=ygbaWPIx%*+x6o@B_{1JJjxn^qMrbr2*Tj
z8F3r%U_$7Cohe*N{g-J~`{qB;5kXZ?Dopj?D7a$=$Y|c0ix>gF!LxG2BTp{)JsOR{
z`++ZX3w&+vPV-PCCGn45cnfT!d9!UG_yL|LATR$XFT7=)@%~*_FfL%hCWzw_ar?8#
zF-~e2>9`uaG7*iRDh1<tmgh{r$SKnEB>OsT<i5%m;Fl{jet|rrppG!mX$Q)1CHV!>
znyW^yL-Mc67tk-#z&@aQqJhpYQP40E@E>{E2R^|Gexl{jKeNNUeS^Wy+#iDlU7TF#
zrytY(!y1b7Lxa*ZfTo0qX+$Mf40vlc_(mj1{Es~%($^R4(5Dh%YZoz~rq@m1S}HZw
zY(TAy5j8oWV*oY-S8_D#1gxajAyHG!rcj$y{zGcxz)%>)(0JIc*}kNAfrDKE>BYw&
z?dQu3YIFeu>v2Tjed%8R3^#-jgzrQ~`x3zGjHl*=urSPHSOA18bRn@{Ff0&;!$U{F
zBXg1h8x|dfrVnxU5a1Xv!2m@_E`+{OX5bqYhEv6H5YcKUfN#z+@=YU_36T%(|A#Bd
zH!R0Lzoz#M)yF_b1a+1vd&)PluxCKSU|rI};z68w!5?g-3A8X}e+P~n{k#d@;H}a)
zJetUZT!->OoFBs<v+lAZ1i*X~EP~|PmY7fjP}v^V1<Ay}oy<a-X2W9aci9kpq#DpV
zm;@G%yUYkdaw^kQD(77$#B4Saa8PI}o!Ai(oPoFq0?|-v4i`gpZiebSK%JL7#ivsz
zdYL;S(kB%3ZwP{_KbxUGFO5EI4Kt-#<TD8{ZO&aT1Q#itn@q|fHVhJi3%JBZToIH!
zT>}F<Vh-s)K5`X(Lpujg6J2`~avnrBo1AB0ZK-Q&Mb2OYpFHFYLy&GkPG<$56fq-H
z3qx8lIK0v2S?O9DlIy`vEI`(?anv(61QTeg88F`GkaO*=jU1eH?I;yNyiQqY@2F>G
z=s;G4EV#&Z9PKFf!T6-u0AKjzNn-<eoB&V)lO#-N0MRc~0l{~leEtTOfW;{1aNuwL
zWUi?YqP|j|Wva43GAA{k5}7p7CP<qPIgpmA`a-n%)Lkp={U1TEoqn9Lv4+0al15au
U6H;xH6QK9gyj>gxdu{Ch15vO2Pyhe`

literal 0
HcmV?d00001

diff --git a/testing/btest/scripts/base/protocols/irc/longline.test b/testing/btest/scripts/base/protocols/irc/longline.test
new file mode 100644
index 0000000000..0573494844
--- /dev/null
+++ b/testing/btest/scripts/base/protocols/irc/longline.test
@@ -0,0 +1,6 @@
+# This tests that an excessively long line is truncated by the contentline
+# analyzer
+
+# @TEST-EXEC: bro -C -r $TRACES/contentline-irc-5k-line.pcap %INPUT
+# @TEST-EXEC: btest-diff weird.log
+