67134 2011-08-29 10:13:41 -0700 XSSAuditor bypass under big5 encoding (also sjis). 2011-09-09 16:04:39 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED XSSAuditor P2 Normal --- 66588 66579 1 tsepez webkit-unassigned abarth ap dbates webkit.review.bot oldest_to_newest 458255 0 tsepez 2011-08-29 10:13:41 -0700 XSSAuditor can be tricked under those encodings where not all bytes of a multibyte character are greater than 0x80. Big5 is one such example where trailing bytes need only be greater than 0x40. third_party/WebKit/Source/WebCore/platform/KURLGoogle.cpp: decodeURLEscapeSequences() isn't character-set aware. So given a single big5 character input like 0xc8 0x5f, this gets transformed into two characters (code points): c8 and 5f, due to the (correct) recovery when trying to interpret this as utf8. Later, the XSSAuditor removes all non-ascii code points in both the page contents and the URL, so as to be immune to these kinds of misinterpretations when comparing the page contents against the URL. This works well in the cases where a misinterpretation introduces two high-valued characters instead of one high-valued character, as typically happens when all the bytes in the multibyte sequence are greater than 0x80. But in the example page, it removes the (one) high-valued character, but in the URL removes the first misinterpreted byte but leaves the 5f. Not having such a character in the page, the match fails. Correct fix this is to make decodeURLEscapeSequences() encoding-aware (as is the non-G version in KURL.ccp), but this has its own issues as detailed in the comments in KURLGoogle.cpp). 463481 1 tsepez 2011-09-07 11:25:42 -0700 I've written a test for this, but it manifests only under --chromium. There's a happy co-incidence that generally masks this on the KURL.cpp side: namely what happens when a bad sequence is encountered. As indicated above, the KURLGoogle path is something like: %c9%5f => 00c9 005f => c3 89 5f => [ c389 big5 char ] 5f => [ hi unicode char ] 5f => 5f Where each byte of the invalid sequence is passed through as the equivlaent codepoint (after first arrow above). The KURL path is something like: %c9%5f => fffd 005f => ef bf bd 5f => [ efbf big 5 char] [ bd5f big5 char] => [hi unicode][hi unicode]=> empty string where each byte of the invalid sequence is replaced by the unicode replacement character U+fffd. The co-incidence is that during the KURL case, the replacement codepoint turns into an odd number of utf8 bytes (after the second arrow) but the KURLGoogle replacement code point turns into an even number of utf8 bytes. Hence the byte for the following 5f gets eaten as part of a second big5 character in one case, but gets passed through as-is in the other. There will be variations involving other charsets that don't hit this happy co-incidence, but this explains why the test case I was working on passed under the normal build. 463689 2 tsepez 2011-09-07 15:13:16 -0700 Have constructed an example in shift_jis that will flunk against the present code but is expected to pass once the issue is fixed. We believe the fix to https://bugs.webkit.org/show_bug.cgi?id=66588 as proposed by Daniel Bates will cover this case. I'm just uploading the two prospective tests while waiting for that bug to close. 463692 3 106655 tsepez 2011-09-07 15:17:05 -0700 Created attachment 106655 Proposed tests. Just to get code up for review even though we can't land at present. 464864 4 tsepez 2011-09-09 10:13:35 -0700 These now passed for me on mac under both normal and --chromium cases following the fix to 66588. 464881 5 106655 dbates 2011-09-09 10:35:13 -0700 Comment on attachment 106655 Proposed tests. Can we write these tests using some kind of Perl script that echos back the input data instead of hardcoding the response page? Adding such a script or modifying an existing script will make it easier to extend our test coverage for such encoding issues. If it's not possible to write such a script please elaborate on why. Take a look at the Encode module <http://perldoc.perl.org/Encode.html> for encoding text. 464895 6 tsepez 2011-09-09 10:47:19 -0700 I'm just concerned about the correct functioning of the test on any given platform depending on the correctness of the perl implementation on that platform. Aren't there already a bunch of these xssauditor tests that flunk only on certain ports? Perhaps because the cgi implementation does some unexpected transformation or the perhaps the encoding doesn't come back as expected. I guess I want a test that says when these bytes go up, and these bytes come back, this is what happens. 464959 7 106895 tsepez 2011-09-09 11:56:37 -0700 Created attachment 106895 patch using perl for testcase. Updated echo-intertag.pl to allow specification of charset in content-type header. We don't decode the strings because we want the exact byte sequence returned as passed in escaped in the q parameter. This appears to be the case when CGI is invoked without the utf8 option, treating the parameter as if it were a binary string. 465047 8 106895 dbates 2011-09-09 15:03:07 -0700 Comment on attachment 106895 patch using perl for testcase. Thanks Tom. This looks good to me. 465077 9 106895 webkit.review.bot 2011-09-09 16:04:34 -0700 Comment on attachment 106895 patch using perl for testcase. Clearing flags on attachment: 106895 Committed r94884: <http://trac.webkit.org/changeset/94884> 465078 10 webkit.review.bot 2011-09-09 16:04:39 -0700 All reviewed patches have been landed. Closing bug. 106655 2011-09-07 15:17:05 -0700 2011-09-09 10:35:41 -0700 Proposed tests. patch_67134 text/plain 4762 tsepez SW5kZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9D aGFuZ2VMb2cJKHJldmlzaW9uIDk0NzE3KQorKysgTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCSh3b3Jr aW5nIGNvcHkpCkBAIC0xLDMgKzEsMTcgQEAKKzIwMTEtMDktMDcgIFRvbSBTZXBleiAgPHRzZXBl ekBjaHJvbWl1bS5vcmc+CisKKyAgICAgICAgQWRkIHRlc3QgY2FzZXMgZm9yIHhzcyBhdWRpdG9y IGVuY29kaW5nIGJ1Z3MuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVn LmNnaT9pZD02NzEzNAorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisg ICAgICAgICogaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3Jlc291cmNlcy94c3MtZmls dGVyLWJ5cGFzcy1iaWc1LWZyYW1lLmh0bWw6IEFkZGVkLgorICAgICAgICAqIGh0dHAvdGVzdHMv c2VjdXJpdHkveHNzQXVkaXRvci9yZXNvdXJjZXMveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy1mcmFt ZS5odG1sOiBBZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3Iv eHNzLWZpbHRlci1ieXBhc3MtYmlnNS1leHBlY3RlZC50eHQ6IEFkZGVkLgorICAgICAgICAqIGh0 dHAvdGVzdHMvc2VjdXJpdHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1iaWc1Lmh0bWw6 IEFkZGVkLgorICAgICAgICAqIGh0dHAvdGVzdHMvc2VjdXJpdHkveHNzQXVkaXRvci94c3MtZmls dGVyLWJ5cGFzcy1zamlzLWV4cGVjdGVkLnR4dDogQWRkZWQuCisgICAgICAgICogaHR0cC90ZXN0 cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlwYXNzLXNqaXMuaHRtbDogQWRkZWQu CisKIDIwMTEtMDktMDcgIENocmlzIEZsZWl6YWNoICA8Y2ZsZWl6YWNoQGFwcGxlLmNvbT4KIAog ICAgICAgICBDaGFuZ2VzIHRvIGFyaWEtaGlkZGVuIGRvbid0IGNoYW5nZSBWTyBuYXZpZ2F0aW9u CkluZGV4OiBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IveHNzLWZp bHRlci1ieXBhc3MtYmlnNS1leHBlY3RlZC50eHQKPT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMv aHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlwYXNzLWJpZzUtZXhw ZWN0ZWQudHh0CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0 eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlwYXNzLWJpZzUtZXhwZWN0ZWQudHh0CShyZXZpc2lv biAwKQpAQCAtMCwwICsxLDMgQEAKK0NPTlNPTEUgTUVTU0FHRTogbGluZSAxOiBSZWZ1c2VkIHRv IGV4ZWN1dGUgYSBKYXZhU2NyaXB0IHNjcmlwdC4gU291cmNlIGNvZGUgb2Ygc2NyaXB0IGZvdW5k IHdpdGhpbiByZXF1ZXN0LgorCisKSW5kZXg6IExheW91dFRlc3RzL2h0dHAvdGVzdHMvc2VjdXJp dHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1iaWc1Lmh0bWwKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g TGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlw YXNzLWJpZzUuaHRtbAkocmV2aXNpb24gMCkKKysrIExheW91dFRlc3RzL2h0dHAvdGVzdHMvc2Vj dXJpdHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1iaWc1Lmh0bWwJKHJldmlzaW9uIDAp CkBAIC0wLDAgKzEsMTUgQEAKKzwhRE9DVFlQRSBodG1sPgorPGh0bWw+Cis8aGVhZD4KKzxzY3Jp cHQ+CitpZiAod2luZG93LmxheW91dFRlc3RDb250cm9sbGVyKSB7CisgICAgbGF5b3V0VGVzdENv bnRyb2xsZXIuZHVtcEFzVGV4dCgpOworICAgIGxheW91dFRlc3RDb250cm9sbGVyLndhaXRVbnRp bERvbmUoKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5zZXRYU1NBdWRpdG9yRW5hYmxlZCh0 cnVlKTsKK30KKzwvc2NyaXB0PgorPC9oZWFkPgorPGJvZHk+Cis8aWZyYW1lIHNyYz0iaHR0cDov L2xvY2FsaG9zdDo4MDAwL3NlY3VyaXR5L3hzc0F1ZGl0b3IvcmVzb3VyY2VzL3hzcy1maWx0ZXIt YnlwYXNzLWJpZzUtZnJhbWUuaHRtbD9xPTxzY3JpcHQ+YWxlcnQoJyViNCU1ZicpPC9zY3JpcHQ+ Ij48L2lmcmFtZT4KKzwvYm9keT4KKzwvaHRtbD4KSW5kZXg6IExheW91dFRlc3RzL2h0dHAvdGVz dHMvc2VjdXJpdHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1zamlzLWV4cGVjdGVkLnR4 dAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0 b3IveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy1leHBlY3RlZC50eHQJKHJldmlzaW9uIDApCisrKyBM YXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IveHNzLWZpbHRlci1ieXBh c3Mtc2ppcy1leHBlY3RlZC50eHQJKHJldmlzaW9uIDApCkBAIC0wLDAgKzEsMyBAQAorQ09OU09M RSBNRVNTQUdFOiBsaW5lIDE6IFJlZnVzZWQgdG8gZXhlY3V0ZSBhIEphdmFTY3JpcHQgc2NyaXB0 LiBTb3VyY2UgY29kZSBvZiBzY3JpcHQgZm91bmQgd2l0aGluIHJlcXVlc3QuCisKKwpJbmRleDog TGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlw YXNzLXNqaXMuaHRtbAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3Vy aXR5L3hzc0F1ZGl0b3IveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy5odG1sCShyZXZpc2lvbiAwKQor KysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXIt YnlwYXNzLXNqaXMuaHRtbAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSwxNSBAQAorPCFET0NUWVBF IGh0bWw+Cis8aHRtbD4KKzxoZWFkPgorPHNjcmlwdD4KK2lmICh3aW5kb3cubGF5b3V0VGVzdENv bnRyb2xsZXIpIHsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5kdW1wQXNUZXh0KCk7CisgICAg bGF5b3V0VGVzdENvbnRyb2xsZXIud2FpdFVudGlsRG9uZSgpOworICAgIGxheW91dFRlc3RDb250 cm9sbGVyLnNldFhTU0F1ZGl0b3JFbmFibGVkKHRydWUpOworfQorPC9zY3JpcHQ+Cis8L2hlYWQ+ Cis8Ym9keT4KKzxpZnJhbWUgc3JjPSJodHRwOi8vbG9jYWxob3N0OjgwMDAvc2VjdXJpdHkveHNz QXVkaXRvci9yZXNvdXJjZXMveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy1mcmFtZS5odG1sP3E9PHNj cmlwdD5hbGVydCgnJThmJTVmJyk8L3NjcmlwdD4iPjwvaWZyYW1lPgorPC9ib2R5PgorPC9odG1s PgpJbmRleDogTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3Jlc291 cmNlcy94c3MtZmlsdGVyLWJ5cGFzcy1iaWc1LWZyYW1lLmh0bWwKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5 b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3Jlc291cmNlcy94c3MtZmls dGVyLWJ5cGFzcy1iaWc1LWZyYW1lLmh0bWwJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9o dHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IvcmVzb3VyY2VzL3hzcy1maWx0ZXItYnlwYXNz LWJpZzUtZnJhbWUuaHRtbAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSwxMiBAQAorPCFET0NUWVBF IGh0bWw+Cis8aGVhZD4KKzxtZXRhIGh0dHAtZXF1aXY9ImNvbnRlbnQtdHlwZSIgY29udGVudD0i dGV4dC9odG1sO2NoYXJzZXQ9YmlnNSI+Cis8L2hlYWQ+Cis8Ym9keT4KKzxzY3JpcHQ+YWxlcnQo J8lfJyk8L3NjcmlwdD4KKzxzY3JpcHQ+CitpZiAod2luZG93LmxheW91dFRlc3RDb250cm9sbGVy KQorICAgIGxheW91dFRlc3RDb250cm9sbGVyLm5vdGlmeURvbmUoKTsKKzwvc2NyaXB0PgorPC9i b2R5PgorPC9odG1sPgpJbmRleDogTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NB dWRpdG9yL3Jlc291cmNlcy94c3MtZmlsdGVyLWJ5cGFzcy1zamlzLWZyYW1lLmh0bWwKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3Jlc291 cmNlcy94c3MtZmlsdGVyLWJ5cGFzcy1zamlzLWZyYW1lLmh0bWwJKHJldmlzaW9uIDApCisrKyBM YXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IvcmVzb3VyY2VzL3hzcy1m aWx0ZXItYnlwYXNzLXNqaXMtZnJhbWUuaHRtbAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSwxMiBA QAorPCFET0NUWVBFIGh0bWw+Cis8aGVhZD4KKzxtZXRhIGh0dHAtZXF1aXY9ImNvbnRlbnQtdHlw ZSIgY29udGVudD0idGV4dC9odG1sO2NoYXJzZXQ9c2hpZnRfamlzIj4KKzwvaGVhZD4KKzxib2R5 PgorPHNjcmlwdD5hbGVydCgnj18nKTwvc2NyaXB0PgorPHNjcmlwdD4KK2lmICh3aW5kb3cubGF5 b3V0VGVzdENvbnRyb2xsZXIpCisgICAgbGF5b3V0VGVzdENvbnRyb2xsZXIubm90aWZ5RG9uZSgp OworPC9zY3JpcHQ+Cis8L2JvZHk+Cis8L2h0bWw+Cg== 106895 2011-09-09 11:56:37 -0700 2011-09-09 16:04:34 -0700 patch using perl for testcase. patch_67134 text/plain 4084 tsepez SW5kZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9D aGFuZ2VMb2cJKHJldmlzaW9uIDk0ODcwKQorKysgTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCSh3b3Jr aW5nIGNvcHkpCkBAIC0xLDMgKzEsMTYgQEAKKzIwMTEtMDktMDkgIFRvbSBTZXBleiAgPHRzZXBl ekBjaHJvbWl1bS5vcmc+CisKKyAgICAgICAgQWRkIHRlc3QgY2FzZXMgZm9yIHhzcyBhdWRpdG9y IGVuY29kaW5nIGJ1Z3MuCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVn LmNnaT9pZD02NzEzNAorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisg ICAgICAgICogaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3Jlc291cmNlcy9lY2hvLWlu dGVydGFnLnBsOgorICAgICAgICAqIGh0dHAvdGVzdHMvc2VjdXJpdHkveHNzQXVkaXRvci94c3Mt ZmlsdGVyLWJ5cGFzcy1iaWc1LWV4cGVjdGVkLnR4dDogQWRkZWQuCisgICAgICAgICogaHR0cC90 ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlwYXNzLWJpZzUuaHRtbDogQWRk ZWQuCisgICAgICAgICogaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXIt YnlwYXNzLXNqaXMtZXhwZWN0ZWQudHh0OiBBZGRlZC4KKyAgICAgICAgKiBodHRwL3Rlc3RzL3Nl Y3VyaXR5L3hzc0F1ZGl0b3IveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy5odG1sOiBBZGRlZC4KKwog MjAxMS0wOS0wOSAgQWJoaXNoZWsgQXJ5YSAgPGluZmVybm9AY2hyb21pdW0ub3JnPgogCiAgICAg ICAgIFVucmV2aWV3ZWQuIENocm9taXVtLCBHVEssIFF0IHJlYmFzZWxpbmVzIGZvciByOTQ4NTcu CkluZGV4OiBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IveHNzLWZp bHRlci1ieXBhc3MtYmlnNS1leHBlY3RlZC50eHQKPT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMv aHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlwYXNzLWJpZzUtZXhw ZWN0ZWQudHh0CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0 eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlwYXNzLWJpZzUtZXhwZWN0ZWQudHh0CShyZXZpc2lv biAwKQpAQCAtMCwwICsxLDMgQEAKK0NPTlNPTEUgTUVTU0FHRTogbGluZSAxOiBSZWZ1c2VkIHRv IGV4ZWN1dGUgYSBKYXZhU2NyaXB0IHNjcmlwdC4gU291cmNlIGNvZGUgb2Ygc2NyaXB0IGZvdW5k IHdpdGhpbiByZXF1ZXN0LgorCisKSW5kZXg6IExheW91dFRlc3RzL2h0dHAvdGVzdHMvc2VjdXJp dHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1iaWc1Lmh0bWwKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g TGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1maWx0ZXItYnlw YXNzLWJpZzUuaHRtbAkocmV2aXNpb24gMCkKKysrIExheW91dFRlc3RzL2h0dHAvdGVzdHMvc2Vj dXJpdHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1iaWc1Lmh0bWwJKHJldmlzaW9uIDAp CkBAIC0wLDAgKzEsMTUgQEAKKzwhRE9DVFlQRSBodG1sPgorPGh0bWw+Cis8aGVhZD4KKzxzY3Jp cHQ+CitpZiAod2luZG93LmxheW91dFRlc3RDb250cm9sbGVyKSB7CisgICAgbGF5b3V0VGVzdENv bnRyb2xsZXIuZHVtcEFzVGV4dCgpOworICAgIGxheW91dFRlc3RDb250cm9sbGVyLndhaXRVbnRp bERvbmUoKTsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5zZXRYU1NBdWRpdG9yRW5hYmxlZCh0 cnVlKTsKK30KKzwvc2NyaXB0PgorPC9oZWFkPgorPGJvZHk+Cis8aWZyYW1lIHNyYz0iaHR0cDov L2xvY2FsaG9zdDo4MDAwL3NlY3VyaXR5L3hzc0F1ZGl0b3IvcmVzb3VyY2VzL2VjaG8taW50ZXJ0 YWcucGw/cT08c2NyaXB0PmFsZXJ0KCclYjQlNWYnKTwvc2NyaXB0PiZjaGFyc2V0PWJpZzUmbm90 aWZ5RG9uZT0xIj48L2lmcmFtZT4KKzwvYm9keT4KKzwvaHRtbD4KSW5kZXg6IExheW91dFRlc3Rz L2h0dHAvdGVzdHMvc2VjdXJpdHkveHNzQXVkaXRvci94c3MtZmlsdGVyLWJ5cGFzcy1zamlzLWV4 cGVjdGVkLnR4dAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5 L3hzc0F1ZGl0b3IveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy1leHBlY3RlZC50eHQJKHJldmlzaW9u IDApCisrKyBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IveHNzLWZp bHRlci1ieXBhc3Mtc2ppcy1leHBlY3RlZC50eHQJKHJldmlzaW9uIDApCkBAIC0wLDAgKzEsMyBA QAorQ09OU09MRSBNRVNTQUdFOiBsaW5lIDE6IFJlZnVzZWQgdG8gZXhlY3V0ZSBhIEphdmFTY3Jp cHQgc2NyaXB0LiBTb3VyY2UgY29kZSBvZiBzY3JpcHQgZm91bmQgd2l0aGluIHJlcXVlc3QuCisK KwpJbmRleDogTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hzcy1m aWx0ZXItYnlwYXNzLXNqaXMuaHRtbAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9odHRwL3Rl c3RzL3NlY3VyaXR5L3hzc0F1ZGl0b3IveHNzLWZpbHRlci1ieXBhc3Mtc2ppcy5odG1sCShyZXZp c2lvbiAwKQorKysgTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3hz cy1maWx0ZXItYnlwYXNzLXNqaXMuaHRtbAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSwxNSBAQAor PCFET0NUWVBFIGh0bWw+Cis8aHRtbD4KKzxoZWFkPgorPHNjcmlwdD4KK2lmICh3aW5kb3cubGF5 b3V0VGVzdENvbnRyb2xsZXIpIHsKKyAgICBsYXlvdXRUZXN0Q29udHJvbGxlci5kdW1wQXNUZXh0 KCk7CisgICAgbGF5b3V0VGVzdENvbnRyb2xsZXIud2FpdFVudGlsRG9uZSgpOworICAgIGxheW91 dFRlc3RDb250cm9sbGVyLnNldFhTU0F1ZGl0b3JFbmFibGVkKHRydWUpOworfQorPC9zY3JpcHQ+ Cis8L2hlYWQ+Cis8Ym9keT4KKzxpZnJhbWUgc3JjPSJodHRwOi8vbG9jYWxob3N0OjgwMDAvc2Vj dXJpdHkveHNzQXVkaXRvci9yZXNvdXJjZXMvZWNoby1pbnRlcnRhZy5wbD9xPTxzY3JpcHQ+YWxl cnQoJyU4ZiU1ZicpPC9zY3JpcHQ+JmNoYXJzZXQ9c2hpZnRfamlzJm5vdGlmeURvbmU9MSI+PC9p ZnJhbWU+Cis8L2JvZHk+Cis8L2h0bWw+CkluZGV4OiBMYXlvdXRUZXN0cy9odHRwL3Rlc3RzL3Nl Y3VyaXR5L3hzc0F1ZGl0b3IvcmVzb3VyY2VzL2VjaG8taW50ZXJ0YWcucGwKPT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQot LS0gTGF5b3V0VGVzdHMvaHR0cC90ZXN0cy9zZWN1cml0eS94c3NBdWRpdG9yL3Jlc291cmNlcy9l Y2hvLWludGVydGFnLnBsCShyZXZpc2lvbiA5NDg1OSkKKysrIExheW91dFRlc3RzL2h0dHAvdGVz dHMvc2VjdXJpdHkveHNzQXVkaXRvci9yZXNvdXJjZXMvZWNoby1pbnRlcnRhZy5wbAkod29ya2lu ZyBjb3B5KQpAQCAtMTYsNyArMTYsMTAgQEAgaWYgKCRjZ2ktPnBhcmFtKCdjcmF6eS1oZWFkZXIn KSkgewogaWYgKCRjZ2ktPnBhcmFtKCdjdXN0b20taGVhZGVyJykpIHsKICAgICBwcmludCAkY2dp LT5wYXJhbSgnY3VzdG9tLWhlYWRlcicpIC4gIlxuIjsKIH0KLXByaW50ICJDb250ZW50LVR5cGU6 IHRleHQvaHRtbDsgY2hhcnNldD1VVEYtOFxuXG4iOworCitwcmludCAiQ29udGVudC1UeXBlOiB0 ZXh0L2h0bWw7IGNoYXJzZXQ9IjsKK3ByaW50ICRjZ2ktPnBhcmFtKCdjaGFyc2V0JykgPyAkY2dp LT5wYXJhbSgnY2hhcnNldCcpIDogIlVURi04IjsKK3ByaW50ICJcblxuIjsKIAogcHJpbnQgIjwh RE9DVFlQRSBodG1sPlxuIjsKIHByaW50ICI8aHRtbD5cbiI7Cg==