From b648ba227b8b9f8f5e8ae5285028187275329202 Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Thu, 13 Apr 2023 08:35:11 +0100
Subject: [PATCH] Fuzzing: Add dynsec file load fuzz target.

---
 .gitignore                                    |   2 +
 fuzzing/corpora/dynsec_config_seed_corpus.zip | Bin 0 -> 23244 bytes
 fuzzing/plugins/Makefile                      |   7 ++
 fuzzing/plugins/dynamic-security/Makefile     |  23 +++++
 .../dynamic-security/dynsec_fuzz_load.cpp     |  81 ++++++++++++++++++
 plugins/dynamic-security/Makefile             |   9 ++
 plugins/dynamic-security/plugin.c             |   5 ++
 7 files changed, 127 insertions(+)
 create mode 100644 fuzzing/corpora/dynsec_config_seed_corpus.zip
 create mode 100644 fuzzing/plugins/Makefile
 create mode 100644 fuzzing/plugins/dynamic-security/Makefile
 create mode 100644 fuzzing/plugins/dynamic-security/dynsec_fuzz_load.cpp

diff --git a/.gitignore b/.gitignore
index 94d0b0c7..35a72b0e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+*.a
 *.db
 *.gcda
 *.gcno
@@ -63,6 +64,7 @@ fuzzing/corpora/db_dump_seed_corpus.zip
 fuzzing/lib/lib_fuzz_pub_topic_check2
 fuzzing/lib/lib_fuzz_sub_topic_check2
 fuzzing/lib/lib_fuzz_utf8
+fuzzing/plugins/dynamic-security/dynsec_fuzz_load
 
 lib/cpp/libmosquittopp.so*
 lib/cpp/libmosquittopp.a
diff --git a/fuzzing/corpora/dynsec_config_seed_corpus.zip b/fuzzing/corpora/dynsec_config_seed_corpus.zip
new file mode 100644
index 0000000000000000000000000000000000000000..1ad4cebc728c2a7a5527fecd8302c8f476e08914
GIT binary patch
literal 23244
zcmbTeQ+VF*p1vJhjcpr^?KHM+Ck-3hwymbIZ8WyipfMX8eV?@b&AYm0<~Y{;H`0yn
zf3N4l`MKq#K*3OffPkQYUOFRHQLi@+h`@k=+>wERFo1A@nBLPFyV*LL7||IRS<@TY
z*_zT@I@;N)C_@8*zOb<yzx_FXf&~HwI{*a&`t{Fgij?CP2h!Kc;SzbKHde?~GB7CP
zvOOT8?`XOZ$mCj%u{Ky>jmETCThhC2F{DQLD4A<%0(-SBE%OH(N3W%`k1p=<jB(&z
z87Y;vQo(+hQqNwOr`J2A-yd6}mUl)5L(ln$i`A=h$K{U(z68SsVn}e<Pa-a+Rk8H-
zajiTg$u*wNJY4T+l#{|W#LT^lhr`MR^MK$TCi@l#d>}45!R5Ui(v5c^<W-BHH@5!3
zi)A5H)}yUk1^+mURbhPm@RZ?3&*Iy#HD1kZvQN*<eK#s;vv)J2dF!%5YuXktMs`?V
z>HlEd?<jS|hHdMZP8(H$;~`W#{H?w7`Pq$ZAa}e-x*`3er$_QJ`WSNdk;z;Wj)j=j
zvbV|i`bumQtFUVgZZ&h4n-FhywNb9Vk`f1^WnR0ex_O3EgUOPDx<Q@qmEYQP*kczK
zLOL4Y_J#s*m57xRI8l7^)(Y5GjIB&UFMB;P+;V!$OLzBCmyR*2<&-fFQHngqW0Wv(
z_&<5`t~H;bj*1|_m$j4_qSZ)XBF2CTu~+wdg3xX>`i11C>AG)C0a2p^m-xyd-QRyF
zkyr4AMu)zL{BXXQoxUjk;WXdnH5FF}v9@W@xh1QPR_>U>O7m2;@9<--HAdWoxGh?1
z#EEE`>$GKL`aWW8Lks>6`G6G#3*8>8rq7p2sN?0V-r0N6@zW1fN*}*H9C&wj&)5C9
zR`k(KEFTTYu=ZYQ`S>H#lY|nX#ClG8@8a{S&w2cWbMfMcvcuI^(~|5oG))$sRF{-A
z4V|`=gYj%uZ>@1PstxK1HMgok{F}83tD??=jeD?1;<i8|PzU25rHl59pr3Q>9?~Rq
zP1PXEF75mXZX=IEv3wh4Qii0%{KFX<P#6h;x#HE95{u9)pisc(1pP!i(1<_+pm(}+
z0|`lXf*x@NkmmUe4YKlNKwJ_U8BA(Qrnk(M%Y_yjcCpBYn9POx)=N|F_x#H0_1G5Y
zMn0U9>F|}yRECs7ksvM94Heh6{K#u_WtXL}oc$W7>3U1Q<FD^PnpWXM1c|a@VY(W6
zfS*;NWkE}+f+#7$9!u#nCStE28JgP*@m)6F05<03+?yacfxnXL)Ni3hCItD=b!U%q
z=BMs@!O$y4<vKO)Xc`t$aAcEx<5A*a_4g8$Rc=N-Vu^!LK>?AY(YjaknP`-Lxx`lv
z;Ad1XI|QQSzSH506h>4{{opX@&kggJ%~SdzK^Lyock7=!_%%X6Kk(2&?JmJ=aZ(ST
zf{`uZk_=3L!JW>fpr9EXK!wHy#>OQm&%5cmE<osvll*B>n6yHqgw&B{=r{$9H>Xau
z?S4#&g;>LL?E(Buqgmtj&C9Eks{&N=WOJzR@u%>$6}Yk;y#ysR?or(rclsZ07TJ70
zkn(>ij@p62HSQn9A^ux&tgY=_>0B+Wjg1T(jQ^j+C&Xj{X^7E!9v2EahBOceA;x-K
zu+fCJnv7)FmnG?}Gd>Dh+J5idkTx586ZVVN8o#rqUQ7%#dac1`xa3W%VS4D*7{55+
zzoMDF^_x?<RWL}1-9yzKdV=Z2m(9v_jEQ-~X9TMWb@%;xWP;)AZ_0eFSCXzSrVF%(
zQ>XbPpY+J+c{vTi+(+m@=@1j7*=k|yQNud&PXyd5(Y=Nq{F%`#2D>UWP_(;^)PwHo
zjz@>f)u>$e16Vq^G7!z~)YM9(NL&?>h#at&u;}}~=-MuhWX;O1bBjNG_?ZX2dTa3j
zQt%kYrZLr{T;=)N9=|n(CONn_Zdjm`7J1g{o)cHcN4q<4P0}{4CB<;Z*fmDv^O-Y9
z-yQ;IysXHDE1dxcR(Nu;SB`f9*I9Bq0@#lC+1Z=(WNZz8bXM1lE&$w6USCq#@{;ob
zV-?GJTB%Vrn3RF%{M{3h8J(v0n17Zx(N6*RG(L^ilxMJ;nun<Ulx>Q;3PX*df{(1O
z$|u_N$n;wzeoOGQ)%L!4&Gh<Enk)Xp!l0NnP+;J_f}1aGcZA^}9O~qOX|nfs(dkX{
zXn8?#izA~6PmN}G->+x-K|Qn`q!tc8H*@%$Yii1k!L+nYr=L64ZD%R)s?DvkM1wJ)
zRbGd&oHfZ>eoxevesV6*(&H&>VNY*#WNqsf!$3pd+;Ucc!)X!ATY^5ys^!;@Rye5d
z7nNrZ-yNoVTB`rC;<Q}GX_}(3UDqqK{rW}AIb_yB?`l~@JO}rAB)v+pQz4V#NH+=#
z{yEAD&5NQ78Vb(XC9Inqb!bJQs?7!w>BX~eQs{{JiCTSky}pOtgWS0vS75OS*4V^E
za96D!g^>stLQ!o=u_*aXck%;3GHTI?kU=3~^c96-v95$bfe9rnbE>N+rj$S$6B=nu
zN=pulr!i|_yf#$KlnG06p=DglbT736y$fI3TTIntr*%hm*H(5|q)jmM>i3Yf633kp
z*E-uQxISd?Mb5R>Z3q!TlS9TY-(%FW=T(?ChK2SVIIT%436`>aCiL<rz5J>T0XY~d
zL9LB+R*2bn!4Z0P=gsj@u+ll*c4|eJJhdL15g_5y)eaf=@~%>sCUYbW4LN#j@lAI$
zznwRHK0Qriz#_fgAtWS$pVRPxwFrUUqLB1S1@aE>R11k6`M$SvFNG;d$2iarGPiE-
zCS-a3(tFRn<Y6_po?ZUpN1B5k2xA>`h^sQ^5|3;hrO*%1o#EUPavJ&_RA?S(Y}~Vo
zyc@BO!T|mc7Cz~kg^iP_q;|z~xb;RM=H<#CJ6sZ_L)7seD}Y|nD&}}>yZH1n7l6rZ
zKW!Sk{3LoT0ulSAJG|KE?$_GiE@pVVpArAo9rKqhS)4z*ga5bg*xK3BnK{@w+yB35
zj`6~9EK;qCW48eAdf->2T2{#AWWk=~NK()V<<2JwHgd+EG;u=5<!|3CukD<F&RKZz
z@(e8v`T5bn47m5yBJHR7Aa>&8;~GDAJ24Sp=tPDd5F3tyL$>1L@oSwD!hXk!NAL%~
z;6jwPWwOqX(gQbMtIR}1#NU-148K)a`APNhaQGd`l#(r$xksvTG)bEPY}^v;2twk%
z!*odIB$ZN}=}3`0JDi`L++=aZheiz&<6<37zGBU3VKHtywn_-omqC4&eOvnq*E+^e
zNF5rx#@`MWPkMKwi1?y|cMG&LGB8@)d_Kc(KF^jEp@vk-GdoS?swI~tMH(=5`LZud
zhDBdn<Tf1(cZkBucwN+3?)j6*b&bmf%#P@+u?GuxcxrYBv@BY<2P|x@Q{81Y_FVEX
zy5FdJ*T?sOFi|p+QL~m%TrxDW9Oai-)4_kx{j^DPOEjTb|NIHA@iFKbl-1<X_)zx}
zW$x>OYqlOj&NudO6Ox$0`EQCf@!F)?{o)`sIH^WV5VD)CzC`9$j^v2&`u)U6sG&?C
zXB!=m3aI*#CPJyK2tSt<uZY|jWAGiMyI$cYOCHY0+Tgz!4Ck8dz1Y}HV<&tsFZS3q
zRjJx_e_44ji*bdQGdjUum)_)crOsb9ZZR!b$kDFnMl2ew<#$)T65^=4tdMG=!6!V~
zp~<6&NT$<WeV)so6=Ub-Z8@Jfvs}<YTT=@fr?AmJVwd-t;|>w+@La6M@Y-q)7S)u&
z)@^oDm|SnK+#5}-LfemMRU;7t^*PlP-59n50Rc_ZA+81ouWgzu>pBF^&#8J?me4WP
z126kVgK%#<Ss0xPdeG_=ePW~`|A2N1Ml0bPHiy=zQffle3+8u_+ns0qA+%o~4!oL@
zXeit*&kqQRv_Vc?-Q<7@IOD@=a_!u#(~NnfdQj)t7Z&PRrK!N=HU)+UIwAfU?{)2%
zl;4sw@<(#ANgF9M%J5s=TxXr)**XYHRm|*!0g~epuknOY%aRvm+87-=d|*5ekQ^pV
z<ybyJ<Od`A08kPUQZ)KdS4BAPPpJKO9_*RVD%PwXS*kh_WcBPjrVKOu^k=%pKEY*+
zFeMJAA%P^vteJG&Md<9Fbe106dr}b4yqr)&5}?it{6Z_<{`WyMXB57A`DgP)g$~Vp
zoUiD?im=j*HNegbn%S|~o=uFe(6{T@4NVkQu7txS;CUe223+Fc4OxX?t0br&>uJTA
z4@!r_VL3%X<oqGTxvk9C4A>7h<rG&olF>^~nZbuMs8}H@mWZ%vRJ5z`$YzODL%eBx
zeZ*;4V=}5HF-n{T!f<}LssHo|^)B_D&VWUh6pDfP7MdNQrJEiSvjOzC<e==<=KLc$
zn14%-vy=IMDmEKxTO6ogb8f1J3|uC8BI|OM<9N;Rk-*;t68rPtjtQ?6+vLhvdILE}
z|9m2)gNmG6!|HL<*l>3ozS~=ut7PABadkj&$b%CpTKTfXw#9RIH_^0~m8DHu0p!?)
ztuG>i_)eUznQ_znY~Tp3_8mUSE@7(lVoQDVcy*AfH`#El4)@s)p3<butdoL<pVM0-
z2_$0rpVu6wpqYkG$z1%34Q;E;xu>%02A~}H@}$Mnt(-S=nM7WG*l1UAKG&-Ai#1i0
zDeUHRwYzRvo?Yy?cL}7rhPKxgZ1v=d!L<<<9o)j4RNE>C;xuN+M0`|5pf4_7bgB^B
z9Zg9?4e^^|9?-N>-rBvKUfw;w|F+If%5$>zenOa9`%Is<0=DYCxq6YmQ&cl5BI1)5
z0sh(w($k&G&sOw|Ai-1A`Ka1$%nNTvj*2yLSS(tk01%~or8+%%pVF*pAi7#sma(f|
zlfb3@_g2G~v-s-A7*~^Xiib*oWF<ERwF*d9YdXzUsH1{JGG#5rh9#D9_Hp>og|_<s
zL5SK|V7^2LI~3A**xiAmgp^2pAO!rLU>{Jszfu#8-EMa+%w;+md}YhO^rO9f87<b~
zVka28-QnY4S<COzYdds?)8+ZRE_FP_Q5$_`X^*rPc?PkFf~>^k&9i$N(!;@zinbj0
zV3ZKGW_l+&&hHE|Ntx9+etx+?y05fRPygA2^E8V7o2~k#CSxV`X<PLZBQ|pHmeJKk
zt_pHTf}D*H_Ik41;3xNkTIgGi1{v&<K0``wyYdIxU8#YGFK0<#KSw54s$BB^j3Sl)
za)Rt<Lm69Ftox#Z82juwJSq6dEY78Vx^CZt=rM5|%IPa8Kryte1g@etEZZFnrY@mp
zAfBSxKrD?UfdHdDVj4&Z=Sk@+11;z>0-FRPz*zN?8MF^ahg_Xr?@TqyGp>Rj1zpA%
z4&o&S?*NfLg`j#=)G3Nfw!)Bcygo*?EY;@uiA@wv2~DiLJg9|kc+U}0r=v}S>x!)d
zuXKOHRwxgOTq|DV5u=tVFUhnqGIZeJpe4!FU(rlnxYd{R;;S||B##Ix8nA@x3|!k%
z!r{w09EFcE_vvw&EKQE&&PH5Dg~U$}w<h8zy=M0^dvY^bX^z^B-sN(oz1iR#xs~<c
z2SveNd3X?N#nQ<~Es0fGBz}d*Q?PTT>kiI9X@nGtuX?@m7Jl!@5psVhj-p5g*r5+@
z^sIXn+`byyAdueF6DsSoPwaipZ&FIs|0)bEUgt0d$;+$pF|SwxiFzuxsU~=#?RcE~
zUWoc<NtWCkTblnv1{Dir)*KNQjkC5L9$6jHLWnnmua77VOH5hSq#8hMJ|Nls7Mlv+
z;Wx3_ij~xr%Z{+pO>dLi0RCHS^sd1)@c#H4?7zgu$lAih*6BZ$o4?AO5aR_N5NIt{
zNTDGsJVF7Uu%<o2)!GVu(y#GAzw?xvw7rWNNZRP$o@#+l*;9$^@#?E?k03oNu-*Hc
zU>lM_7@r?rs~f8{fxR${R~f)!fp_md?)bxk1|#T|-^NCrV}5|d4|B?bj#z%zIJHs*
zrqMvN|I%UBqF9~am3X@$sqM~;`i?`<7W^QRkqVdGCAyfWjy(~Na`M3t3M*quLR2&K
zXRW1blQK@~O4yA$5n92Kvcf=_%2&;T(2_;da}$?EybY&iolz)k%{cgP$fscz${v~7
z(l%E4YPQ#)7)g0db5VKA!QR_f`z@#ez-r8O>vOHw<L+0TV;;Mg%NJx!kOP)_+y-)T
z-*6xN<hIko&ducm7b)hG@$s_?RtJIksV8L9mCIN~buup-m-+bc7Q1-nKYu)>GiDTj
zx08yTl&+}oT67x<VV+jeLNp4CLKMzdq#>1@gV-b1mFktBES*EUX62n3y!1M8b^JQx
zRiTc6JzbxUL+wJ20lj?~CvXHop8C{{CJ00fhG&Beh*PQ6P#oaj#5cD?VhF=P?$yaj
zYhUhT;91X74Cm^<LP8iPUD4=iYl^jrd8l<NIhSRduk_SFG8{%3EgnNo&%d}GzMkYQ
z=JXIvudp9*HQU@c-M!YMU(~W3M8X>$h_6SaA5R^J9*5L?{K!Ph?=r}u#$U8OESiNk
zZ~JjnM6iVz>vAN<w&~tp9>FfiWseWDcv5UTd06uF{G@%I+jds9hJ(B6V1kjyroCeC
zDzOT6zpPbFS46bgp(6h5gxz0&s7{Kbkw|<Z*nO?S!*^$&#v4H~g;TkQ`i=&}v&l?V
zd<+N<giCNDkM{GkqzeceX}8c34ELA0S~LTH0SEcb8FSgt{_YUmr9>p-l6LtXU@(nS
z7IbthO>%u+iwwnNk91x9H^qSibru76KmaJt!Vy`Q8!q{q;(Y%GP@EP|_0(P{B`h)8
zih;3YW5;RX#WUM%*@a?Pl7@p5oguOwV{vAhpF)k~^$TOF?`nv-wCiWI<>`q(6Y2=X
z-y4w!fZ`L!hXWOIQw8gsgk5{vg(PgGXWiy5PB$nEd5GJ(5Wk%5u7#cWd_St_ZOP<h
zG8poPHM^26ErQpRT3Jtih!^aQ!v!-g6w10uiEYdv^v=C*gWe1|@Nk4`!L5{y<`2r7
z0}+<S6<AA3{#pdFN*~$f-*G2)`ZBzNFL7xhNcq(^b5cRrhJvamIs`d-Z+8fSmsNv_
zzC?mCK3CAr3clj!)FjuvqU6)s0&;^*F`);`?p|&J7pYNE_;E#nF<<}D)EW5sr1|dN
z$CsOjqk05N=q)_N<DZDrRcMTEj)FoTc=G*qNGAv28OC4seg4heT;8xuWBrds&Tqk?
zv#@nBu(tS*i<}LmRX~fJ^Sx@S&~+B_fRnU;D&sH!MJOG4h(QR1-7A)k6FrX1XqdFP
z@2Bo?w6LP#4^8AphjzDyY1f9Q>DtG}HYI_jpm#~C6(*br==tZreU1>)aw1ff7_@0^
z43;7+eIdvhAXFJZCU}(N8e<k66W0czAmda$QyY%DoVK@JeO85$t&LfD6_22i^Am>f
zI#u-@qA0J<St83G9<#Lo_?)W&AQ-0Iyy$x0$ELoc&tQ1o=rN}&^?Xc_L=k7@hXQQw
z`zaV6gDvK{5cDboSpFn+=C^R@)3d}ar`X$)Q<bY2&g@)>BgJyZeM(Qo{>3?b<3(VF
zilcC52}{|DE6ShD?fF_+juD-<()zCUZj$O{W2mR78^kUO%{MM{uLn-nv?$m+#Sshg
zm&=_19bnX2B(*ceQNC@FqUGj_J&*1XQkXC$v>6vGr07k`im>d3QsZ7QEdw!({XNmR
zX6<t`;=<#=7HE^oqcR{=CGZeVAZF{i=6q8N52~J=wX7^%3ez+eDi#MR#Ysgz1ZK}i
z4a6ii!v6A0c1R&-`hK-IVIZGG$Vi>q@2gl@30TuZ2pGz|2inRKqvfnBRmkBN%O;yo
z5c#D7ZUf2~zM4LKp0*`e+zP<?b`jI2YBQ+8T8{6^#gvXl=H5&*XcChqcF`(*@}n+Y
zeBsmC)#mj95@h=^_TFZHq*j*tWz5C0$^139F4mofg(1@|<B@9Ezz-YMitZ2dg&vD{
z?arJX4kI2#Se^KZ_?loU7k-~i#`mf80PV3?)gV!ff00#^r&(7RW~8!98Yw~|W<}|u
z{yZotzuu*=y561uWZ7B<{k_3td9(<S1XYe<eHF}?&iE`}P^{{j&R&T(pVQ0u=5z2T
zpcODb$%BNj1ZO2;;C}!TRDFsJ5)ID&<8ydr7-9wkRWQMna})wH1IV2YBs=DsA_GL8
z+#J_(xXC;$Qe0t`kdP~TLz5a(m*cJJ-4Bk|#%G6Du3ZYzvpPVFh*NDom>%j44F;;F
zFEbOn3{ga=ro&2-1Y*xnNFe(VD+B7|w0wVmCyMcEsX+zzF801*f`;1xld3glMd)q#
zmgVs4t`t|A+MhvyOttS2Y)D>xg*~yCH6wx38CTx{e^ulk*oh6MTo}i9Y)53nE%+>Q
z*o4w8H+^@6<iM$&jq3v~Tm()YNYuSnluVHnyhIz>70}Tnc6vIzf-7-k(bG%{P@T9U
zfXzXAKL{;;<zO6;on0QNtVDW_W^UgOusK~n%<!H+jNH#MAvehUQJt(e)rmfCcvGFn
zDLe4<syEfSxp~;CN8l*9NDjIA8FG*UliJ=wxJ`TOMv6V`_;Fmy@$Q2AZ<pgU@!>=l
zusp3H0RfTx?Q#HHm4z8VbS#|cOl)2LQ@gXFgw6Czb%v&Hp-;lX&CNW4oKTDW!)<D2
zL$v8#MT8x6kq-{<yV!?6KFd$4f_s%BPJA<E*ckt@pFD2Er*>YAh?dkKRu+r|kQ_4C
zjLBV?JO`?GFA!v@!z^Pw9h<_`_J=)3RAQ-cH7>Dnk_$l&;NhVW`|FC<3$~e8E!-W7
z0xkpvFSDUma(*O$maYP*1K1!azCr3)tN1p(26UTK7cLKp1V2pzwosRkdu^3o*A8u!
z=ZCEd!;x)U2Rm+sPtxbp7LfJGgK-0|?Jq0J1GY`x)%&PjXH}Krg^IMjI^QsB6W|47
zD!Y=jv@*oo)?KP~R+q7)pe2gpmXShIb_G@Du`@FI5^}viQS}`oAbb)>_Yh^5e<Be%
z%=Ph{vV7HFO^FIu({XGSH&?!6A3g3kx)>n)($DMSJ#%uRV%wPCux85`M}#ack31o5
zIa2n>P$QnXWzjeo{GLH5h(q&3t!c`c<fcNGdbzz?iCoGLD*j<%{~vCzBN;x$PJ;a^
z97>!|nVnxSm20b{q>vJqJPJeiukgD&`L_2B`lQSq^uJ~BH8)ZCqH76&`6gbzyOk8U
zy-8SuCLHpOfG5L`#Wi1n?(5z|yypQiy1b^52kFP^lkk5R=T%ASODKBe_+59a1Uj{9
zKzlEKyiU$BJa0deSZDVdl}p5nZIeb47*5!7;&YZ?1@Hk%lyKnVM{EQUCj`(J+U+Sz
z{%3C~BZ{_^j}MGYLGQkEMXGD5DP@fB?XYBhC6S^y1sjb^e;<R8_}Hf}6`yvf2#ZqN
z967&-^pV7y^+A(Ga5*N|&j}{%hC&Du5@hT>8Y(F_R<IZH=RzCW;Dnf{+mCnkYYxcJ
z`|vFq;ny3ZZK%rt$I#H5mg&ZXg4q#V_p!t&KKN{@u}QzvDb_yM$I7X2B=bf`LQ58D
zlJdm?<P*AA6#`L0-}3hzQA|rZd(l+LX8zgB!Ud#=pbOqV4eWqlVTsxx*~PYXw52Jx
z4D<zvH79lo3EuUXF<D_YagRU%L_iR0ecigoN>7R61jUYegJ>}!-YARXlq~Lvy2Y0J
zDP<ab4d=BM@H2A77|(>BeKw$gHG8jnS^WxVL%#UlPJm;XUHH<}*i}Wue0zW8`rrJ5
zG>?t;pHG+cfBke#Ev!xc({ESGafK1EJD*d%ukVP%PLCBZa{x-07gAg~r#`$U9Ays0
z99C!UAKqzGi?_l5kjeHvPRem8QqAf`t&N|dtj&qq$N=Xtno@0Y6v|+NB}d8iP?>uB
zu~_)N`Upu{6jn)!erf7E$CLRDGKqAtIu{gRbZ)V8*m;Li)xJAx(&ivr@?%#L;t&v1
z7~W=|TS{D-Cb;^+K-1b4`tzvJQxg-&5f)7+qJ5UVQVEv&O?DY4Qt!-cw4(u(CSCUE
zOTCg=IX%dV)i~}_or3J4<&Xl^BKO&Lx=4hTg~JaRLa7W+lI@Z>Ngqbr%#~%w%1U$2
z#wNm_`Yta%k`CmNBt~+l=MAU$;@(oX+^WzqrVEZTnw~1ufGXH@<uJ&&<+!v9-Q{nz
zrM{Q1lRw&NVL>fC-LZ>UlPuUzZWSl{*eZt|5a4)^l7zu5qK^pE`&m+kkK(6L+gIH7
zAywnht6nb*4-bQd>q{?mo<odtUel55;Thh2id3m7(8&#p8@VLgO{NW<FPYxadN)+p
z1M<nqgp}1cBJa4%@CCX$cgze1BFY?cza6uEs;2P8))L_GjqWpD8UbNSlyj%>B?Ko|
zO;i_PB($JF1<m5uXF(L%8CJ^$3RMV?17aZ#9>W0g$1IIWgACIn)o(zjNrPpV;~OUn
zPG-6?PTE!)LfT#SJ>^F5tvvqBB59Uu1r#i@wV7vt6apGo=kMo<?pM}8;M27{^x>>X
zdwpD{QalxoBz8gDdUiR}r?~7B>0y7CKDXl4-US}agTWNtFs*ZG6tsmlaRZu&bd1hq
z*Mf+=CBAYjJ>m3g;OJ&IkkW@B(B3T6J~pg-gViNCinFqDyVKFVmUohv+&iW;Gd>Jw
zs>XnyUFRSa&N`40Ce4t#&q~+^ee6!FtBiWg5**20tjvmfSvN9o?E(Ykiwnr7cV1Q@
zu|wZ4?Jud}iqM<M=Rn4EE#JnI@!os%lT+-5wS)%F*qv+1G(wlyF$E2P*C$#4vWm`k
z=nu$FFK>=jBE^)N+SE6Kub8(R!1E+B@e~MFT{VW;s^MXR9G?=5NusWF79TbaozHUx
zKewt!zG`;wadXjxjO6Nh`_UD?b_AburI)~h9~|3f_0sX&Do*SC3HtYsZsbnc7wkVy
zpZtIQavcn8jqPmy({ESDb%g^dxGF&}PuNwCL1NJs#CX}!9k>vak^uM;+{2wn3Ix@9
zS%P`<dZ(+(*a!rE!WKuuj?EPx-d&s}hP=S;t2mal7^A&$=?pEANZ`=3^Y!Wd0p&Ji
zqwqlCmVB>q4r4jG*wnk7on^}yLZN*TP6_<}V?d+6HAk-11+!GF!%aZI`y~l3{C0Z9
z$LixQ6_nZ3ye(F!&ImI_oKAd^^a+^_<ced%fiMv|{$iY|G4w<2Oe-4`J>r^!jRg)%
zN_NI8Bcv6lk!@NrEiy?2WS`%BCvGOz0L%6dqea_MLpue#;HHP;UbGUvhLg;-{RsK@
z#SwBjs)`_7ileEwpjGQRXaimy{xo>TUbd{}rwD2^QzIG$y{F|-?rV9xeGP&a`58G3
zVXH?d+@6d}Nmx5eeVbCi<0l`hEKRs`w8n8v8CtEdsG&pR-K9(R3QAuMx$kf<6DyL4
zh9jUnd-?k{B9aN@x@EiMJ<qL^_*4LsZQ;Jsb=LmkugTV6%l+46D@4akwEb(c{haBm
zu*u<z5*h`r76QR&_)Y?G2pag$f+D0M#E~B8bMpDY^W?$QWk)lMI-4z>*qU{}?;*;~
zLPc^H8IXQQQ<e?$!rC~WHNNR>ushT(D022{Hk%jVSjseSq<#PBy)>~aD>Z171i5X-
z%74~VcWL3=6YiSKX$O~l!V^JX9^%1GaIV{d)au-vx&F*q5rfmr?wl2k2Qy=rouuG_
zdfsk#rTt@M(nG8>;+dg=ag{1HVsYLx=`w1|bN<e9tfPCQS#{d=GQ+n=z$E2EcrNKD
z@s7$SUV-Z?cz)??lUwKNl@30TjnlNbI2a(juUbf+`2e?{p9SO(w<MxxP%c%W`OXAP
z1QMJirV2^{Q#u!H$S5*56@wub$iMIw8ul2DmrS4AqD?W`JzW<&>Rs8?9o}2336qY*
zsdb~c!F)|}x<7tnyo-8Tq_bWj!&j0GL!zw8QX{&oeK&R5mQkEgf7mBc!Tm&*7_RR^
zm=@(j<bkqcX_^tb^ev-O%YvE`J><>p6Z=pD+`e>belPHaZ2I?ic#sz_>xdLxDqN>!
zx+NC<$b&czj!1_9*%37U39D9xCc6t4B8_y7J)xR46N=OMuAzhX&FxpdxqUyrV+NvA
zM!{!+LqwEr#5cFE$oVZ3*9QjR_KOn@Hlx@yvz4(8yBJ?#{wydygrz0mSEP7Bhqy`C
zF5$@GUrD#jRicfjW)qTPEyKYoLExkB7N#Bpyk~lH3L`h--j$xR{9aJ9-WC++-wO($
z)C4RjVt@r@_1A*3$wa|(Uj6zL=|vH^fE~jaA6AC}N%f!6_TONU$BWf#g8#8&Fg7tY
zaJF^=U}{Dtj*kDS>ik=|nT&MlTagZ$DgZ>$4o9?{9uR9%pf5ET|Gy5mYa64fOa6W&
zlIglaP>$ITu4l)u>$-!mVhG=j#)(qH@r#SKt8@D<zDLZ{i>31D9}+$TSdpGklAOr%
zl`4={OSOq74><?2fP8>y@Bwt24kt<n)J<^jb%a<#;&e7!Bu>Zxropl1KyborOfAlo
zT%3Jn`Ni10twqU6W=}@4?M7gdWPgH#5&P>zy{KvaH!eFkGu;NykE95uDP}DXgylKf
zNs=mFmUzmmR}=8I$J@~^8Z_MsEmsd$LgB*Vlxc)NKNGm(+*u=qQ&pgiq@+Fs%@n0L
zJ_`2@e9d#Q%(^{8#3wK5Gp(_>CSPK-uhE)_=E}O1F=1>fyE@(u>88!jgdVS@q_|ZK
zhB^@z#8fFA#vATh`oRLpZ)Rm6aoG!s_>{9%E;=d~qF<ml#9tHlyWRA61M}K{F!{L*
zXgA4SG_=Rz(aMHIM?^hIk=p#Q-WlnGM}vC8jh~FA{8An$h<?m~7y>?jN*G3RW+Fc9
zke}9{-M(k;jpi%R9JaF8^WOEhvjiuu?^3K;jep64lat3PaHn$B8=rrYU4*xa(JXjh
zdbC{acwD2j4S`@iM`uZ=>vGfq;&^ql9Fd;l)}_PQm3qD^RKvk(HGcgS@@42WL&?D#
z4gVW&<IQa@t2K|Mk}4KBxvOI@Te_MK29|-6_?7powQfrtB*u7aQk6>aVB#&8UD*Ti
zF3rG0{*R>7x^AtO-_p}7V44EspWD3`?0&QOCOv5UC}pE3rTR%8Yrmz(9tbaFyxNTt
zmb&XrdQc;)TYHPC8>~eG4UzCr)yMRZh?y{jfsqPO3sN!Ap@0Mxp8|tSg0oSov+HH3
zq<Cf6qXt7&4&0)-3P3o)WkNF>+=uPnxyRj(?zuPHhu<pF6C{&QQb-5ClRQ>1jHqon
z$vbvsm!YtjZHv=%xn)C**KZ|BOY$MoLeaD`EennGWYcJzQI@yl1B|!A$PXxh@s_PP
z9tN@>P;b&1zDW-Pg^xvrRl({^U5&^sUdwXWb<AiR%5u(Iy;+)>Mzo9B5mYByGBya$
zkJHdWcSRNuSov0O`f(i-5ZSN`J_{YXqI5G%-|YdUM>`AG2UfTgP&B0bYS7ThNx*mN
zVEzR2IEz|&N@(DX-I?`g7A$AXDu`c^RTPrO5yzz)iGy>utlbiljq6Uz74!hqo35);
zT=#X#w|0q9bB$^KJL8Gz0jeiRQ2@`=6diwvR3_Yo(cM*$l>YT*aldSqOMed9m8bkC
zzetyA_rW+gRYBe;h;Br71deX{lia_Lw+i<1*8l7&e{*Wa7LEpn)+TiSw_Qc+&G3B9
zNsxOpJOuHTOh`g^nSAnu2q}a5AkfRRkVK<|)ntqDErk>t9RN=4Jx2%FOv-qMc))8x
zS`K+Z6~OS|a5FlIw#-nI1aeM3dtBeV8J-Z~l=F`RWU1lw#f{qbxuX|{2`aE8(x&QM
zp@fl(ZX7$5gu?ANWwExuIJE%n;aqcqqL&=xlx$o`)HhDeCT42P!WiQd5weHIvfrgP
z-DB((C#-T|ns?J06>2Ru%=L=3b{ag+@)uhy*u?`~nU%ASU{_Wv)iaOsPhzs}yHtLs
zh8LDXT=NbK?YpeJW_0QGTV8V&Ga9zBU99RI?2qRLWCM9LiPBH&ZMWsrh#z$AbbPq5
zxZS&Sj#@GDlr*6Df9@8#>D7|6xUQ$~VPsQ|OSvv;D~p1zLU5HOeCV58*M*39Jo!eC
zdS&Z1W0$zdEV2pomRF*(lYDA;_36FG7Di%sf<pKZ)(759k8F=@7n#r3U}mpcr^yHC
zJrscH+20liaB9m-MsKF4oEn1)<04Mr1Y%Dl(hsGT9*VKP!Hw`YHUbyQ1Yx()4i3OZ
zq>Y6@-s`^B73^`A=`hyO3q7EC$4FxyB;d?`wn9g*u<#)d$2;><!@M43d*KPV+3Ud5
zt^d+7s#R4y8L=B-dPQ8~77U+JZmhyJo4#)Cls%W3m78bRG}b2SGet{Fp=Vz~k{PpK
zv@o6)JaGOcW)gB2SQE2FGa`Lo<O~5lLheELYdgIReTaL*hm@9d-sah}Nck&Ujh^hT
z>b<f=JJkKUR<#1(px42M@XmydK-6I7Hf1C*@J83UvZhl2HDY(atp1xCIsQ$J1OliL
z>*!OZ-_!_Fp?>K6Z)$`XH2^@381#fAh4o;<_+l1e4zyRx13|^FP|%jMT&Mb;7M@CK
z99fjV$0kwDJ8L_NgxNuTPvp=9*i{B*V(N3)7H5-`>Qfxt>ewED4VWW~>P=Dp8>rTl
z7YjBEI&A$6yPPql%CahAj9GoynpEs>2qrK12=!q{t{Dy?k}*lSnQ;9B(@CrX=Em8J
z{iWJKdu!uZGP;y`)zG+Lp^x@@z|bq48Uw)djOi*yPfKxVIZM*n-fPa?-j1cfA-g*u
z#l{66mHPzN_kmr&7V%31b%|_52utkRJ32hm0kT#qvL)!Abv+Le>%F(ZGs;N^n`M>U
z!mB{M9P9|#$7F!#nFoMshB5a44OBa=$a98V1AuCh7Ct0&imPTY@$5>L2xGsg5r#k1
z2;FaL1mJnhN}RhtxBc-v+HanxFp{1Z-GKxE$bPcG=lA@#w8dya%=J&&!ul(1{l743
z=TypLw&O%;tfZuY0IL%NE%hlCY)GIHu;VhT#scOPU^D6sFESjI)Xg!_zqr`Cw9FuD
zOeBTU2Abk9j>(s-hxBn{2VH%nu`KMK&~U!|WbJCA?+5n-NAS$=yai?i?*-c@Km#)P
z*ro;nR>xLtVtFh<dpPaCu-Ho~rz9-|P5R=N?IHRpA=2CMTF~7V?Q6n)$GtKMM^|<h
zI=k3~t(`}Qy>M@&1-SRYHfETuF=Whi3%zl!tsK~@lapR9QWMqORy+>%%}3uhbdx2G
zT%62OD=gZs<qaPr>o}e1tN6XOB|l08#<%EkbT~X9Ypy}!cT0A;Y0+WMhpp$|n3lCw
zpH&X#K!WdaAQs5Y&EHt8QFA>U?nf7F)QXvbMd2?znNdUyYj`bP(o3d$SE{Hos}mBy
zi~;HqB8H!aZIe*$6ALo{xq-yL{FSkCqI*=kVtw?3|8Y7?&x2P|x657y>gWytr$dKU
zHu{g#;Y3HM1{Ly+$t@c9ax(`aLHE-a;DBoPxx*Jx0D>G1ye~$1Z7ABi7CLrMF_^D!
zFLT&Pht_MOSlpZL=HVoW>M*z<78!3}w`>^@Tbz#kFlCD#VBw{B>wfzX*PO0{@s#y3
zuZn1c+UdkcR%<M~{j*!1$NMLzmDzKRuU<~hLR^nQ0g@#FBe|NC$)A=4b-ur^wBN7S
zJI-PiEm}&v``U5tR3!s(wK+jjE=3^TSE~VM0L-?3XZ|&vL8(*q4U3iWME_*9Nc|}5
zjUtaZbfV}dLmAspq}wO+hQ*G*VX+>6VX;C>xEfz;b1!LDpi^T(Kuc+?OBF{|1F1l!
z1^vdK$$n$8%#v|fSG^#Au-K6)M-aAzMmhi%+w!4+$q>yQU*QiHTl<SqW0>(?{uf5=
zA$6Eh$YPx0Ul}zoOaP;HCP)Nb4Ec*uWB<*leXl$G0#KWo^F04+toR`UM=ab_Lh4e&
zH?^_e{($sLZNz2H5Nxj-0cvCSrZ!!AZ)yXj*7nAz1tpR=VoW4wDMsLQqQ51qf3Z1s
zzY><nTf&l?ZgPYw#jTW!?g|8~xJuG=-6svn6on8Q4FCV0Lh!cYrggidPAG`Jt+)$d
zqPTRU|7vr3hS#w*eZI*7Y);~BNvWvileFNaspPmHKDP*9#kE>gV8%0aK4=2DSF2aN
zYJPb1bOuyA@#o!tX#B`^?O0~)R@%*|gO=vqqBO6^f1_eqLH(}(LDY!;yV(3+H{5?Q
zIc+6~g;qjP@E)=Ra2mF|_(MUwUa=<2ltZ;f!@jc#Z!CVxdyY06LNAMT9_(v^@#ptg
zUfg^mfP4jv=3Z3v%j5hhb-*FWJQef6SUv`&QDM+ZaPqk|a&<!`U?n5;B5pb3W8yya
zcmFPRI02>3@LQ<^;9@BOTx`u`ZoxO^DJQ7WOc5794C0#O-&|}!=A@3EXnM;JHicY7
z2H~r9>Vu?LH=pxTB^Xhr_Yc<>oqV_$!`3_<lTEfxqqGZF=`p7coH;Lwf@Bots3T$m
z-|vg#UCZ5j=)ZI3)IID^N>L${$}>0kd+Rk9rlP}g8esIRmyK)EezLxEpFg?BW|iv6
zx1{fFZ9b0wW^Rcp-oBC>k<SiCRC#PxVivQze0aX)0yEscp3(H=Hm5g?<mW{hI;w0b
z>j>atpXdjU|8TJeKaDaQ%pVTHPOf1e#1~@^6N)^B<(lyYH{85=b=&OFM*E|2)EvbJ
z=y!>?iTRL2*Sa%9p{qe8{bKS;|B)Pfzf}G6?`x1qqQK-L<o)6a=aYD>CC)wzso$+V
zK4sW69uK%TTBydo3^%tN#5l4WK<*J>Xu!1vWe1E?TVS&&m#zoz<Sn#W(yxeBm}T=n
zCLBi>t=+S|wq>I5K52~C6=0t>>c8Y&`R;8?mcF0IYM)^1Z{DzQI-`fgoKc8~CTOQE
z%jPa(5L9S$%+eh_heHtOeQES^{kSp@-^O{8*jFCc##7c_3jkvQ76*WiG@e1M|F$?_
za1hLG(g2IY<~nCp|J&lE0W6Lj0F1>!{{_Ydf=ZNff87fMpd;ZfAW+Qu`p!WzDwfOP
zP<@14l-1fkZ(uA4xB$Hoz~VIj7Z_`v^^e7Yuy`+4E;L#2$KvE`-NbJYUlaeTbq)cw
zj`n(mbhex}mKbG4OFz1a<GgUwnQgl4Ofe!!!_f&ZC27xz05i@{p<D9$`7yS4OrEZ-
zmPMtxbDjWn<ezM18V>`r1!$AeYXa`Q&q5OJl5EX54jSv#g*=395r|(lc6mcje!dMs
zZ`o@5Z3r?cncE7k61B0L^c*J4BY_0QvdEoyl#<|<M&g%$>;pR&zV6@(R7PN@_?puz
zZ|O&6KyF_V^^fTI{~2-LM5jmlEnAW3yw%CYQ6$mHyAp5c$VZ|QiA{;A+>WMT7iZTb
zr}KuyTgVyW2Crg5H<qHkT%2E`^ETpg0nib^h&yRswD<Ap*NCev)(47s-1Ro%Vs^9;
zI%*s=16PSo4&X72Z<qM|3#;}FxH=qCLRbCg2Iz0qv9U9@Fm?N%qt!Fu_VDfRf4e{2
zQTm*^mJa%6b^HKUXYyQvFqMo4;B<_!z{Hr7aT%2!e$Xs)bc31U|8;)ojvj%t6j({-
z5Y&b%lzMf)QB!4BqyEh$1pWKAzbGS`jWm3VzEH&Wm0B4WpwuxqB*bM`-~SOy5(0NI
zQKj8#qc&kyW7dK!{`$`WkPBrdRTIa1)4;(=ueNTfcPox>s^dN#oXL<{KpaIeMK+vr
z8kQ&bDAT&RX1QS8C)DwrNI*|BI?<rxkP@KS<&)-iP)@(HIPjp)ly!r=^;+3UO>vV^
z=H^Zxu3NWoCEwK9Zo|H`b+zAs8j>u}TqHy%I$lW0W0CZAWxh}e&+5HSX0G_QZMHr9
z3g)6?i?Y{}?57GXj>#DdRlPM!EUy{DfVfnTH9kvM>~U|VAbQ)QH6ED_Yva&v1k^x<
zq;zG)S8$gQjZX;`4MbzGt~Mv0FtvLO{5b&~-uOTJe+4VM2WV52Yrp|eUDT6o4IGb=
zAnToSIVB)i^~4EmLZAbJ)uAT3J>&cOAQD9Q+(}}jw_x?g$a?<@R=DqPUsseIQ>%nX
z@qf&cOK)kGI#-a<$ES^%v%SOEMYx8zdr%pv;HE2?8!Cp&x)L<WPmnFDqn06m;IY`<
za~B^&vbj^D%T`B|3NSoY8Q<qfnJ8?PD$ByVb5G%_T#N7zN*}%SyjO1NUFa}cqqU-=
za@8qqb6y&uwf(Z@RAM`(k<V^fjJ`79G=^_p(C{U>qPO5S))r6o%6X(I{7Q7KEUr)6
z<5=@y<GY<Uj82*kHIzRHj>pmb@(s}IWYaTTIelG)zse646wf*{b@5){dfLYB!4`n*
zT)KilDKhpS!Qi|RYwyDSeB||+&18P@_yUoNks!LMG(cbmr^4vE%=I6-ZD($aXfNNp
zqek(SO*PWJ5o=)SNE+M#+3BtGI$a#U@jTrDtXO>Qsn#KkSiuw(!&7@^S4AN|*4HSr
zs%3J-j*9B|1pr=$B7XT1!{L2imT6<u(3HV!iYhkrNChZbA&!KnPp^r+eqd=~FG!DU
zxIseXw@q(?kOY31@j-s~D_L05dcf@=>C6Vh*#~2vz%t<=5>6JL5hkv{I_Hu(|KO?z
zo3kN+?tGU<0AW^C%erZbbx9}m&c7~!-Yhxb<_MHPX!^y-0(2)2LVr(n6h$$B0OP+H
zSv*A2hx%M;q}hl)%96%}L?oj?ujqwcD9As$!<dlUGd+#1*|veeeJ>{YgksUT!lZ=M
znMUk51&8}wqd4GvK#2uk!}a_0Fz(msA!h}s7~NU_FSDZse!T%OJ4fTGqjoR*TiGdl
z%U3>s?^w`S31@_V+GN7N%+4R#`9B3LnYXLw;K|{tx2xw6Mk_+begG(IkK8HD7)T1Z
zJ6vK$Uy85UK{BKM=|zfj#niK$1#L{9k)ai}u6kDh;AAfp21U@}aCN6w(E0=-O<wsP
zT|Au<FZ^o)(keJH->r-Hqr##)VUBdF&&T<lgCZk*1DGB3$h7a<Oe>En0&IY*=lcVV
za^pyIg3^~5RE%u62e8%|I#3ymx5Gon>md{m(G|aIZF=|E8t@yFLM&%hr!4QQM?-t&
zJ8sAIcB^^$A90k)4ngg4E;AlSkDwd$^L<~tp}5&o$e!vyYJ4)6-QPPDTD-7eVAL5k
z=cBrMII+ZR{Ni-6JE|Bi7$SvL0{brKIN|c<JTggrw{mF#HV8y$cXC@bn~RH8JVi1C
z%|TMD0~?}bzI0_?`NmQ^x9Iz9?pcx}9%9T&R@>teEk?21?!-|A0F>nefU;@np0dva
zE;(H0SrtV@!?3VCJ3irc=yd#MfIcVIE8i%NPoZ`3nd7GVA^<RAH9V=-Nbk%vr*l)g
z(4#|d|LSwlQ&+oTa3SxZ(noqRepSi#FwIfjUl9oeQNgQgBtq?$zUy&Y>ZW~Lz`oUx
zXUNi)eGz2Y$e9eT8?4Zp*KBYw@zxtd<f0(Cf*ZFR)H&AeNS#Mhv9l0PFmV4~FWw?c
z#n0K*GB7mGq`fUXdeHItp+6OUKInLZEhH(}>&u*jWQ%qM!ZBM2fREL&*@8UwzFwwk
zGW~+ReuwkoSW!av*?XabcHJ@oM|r-2`^M1Ha$iN9D!FWSeanVbuh_GILvObu{r>$q
zTcyf%)-yRFBhoS%E>0|oqj-mH<L?~{Wq9;tSii`l4}||DZSEZlpiHKZO+y1m)0>v<
z_63WKYws<lZ7>&2C44KB=k$<?8LNpPA;`e6m>Aw~{@$_5;3`n6v+8vKWpY%um{C9V
zHII0<f`6tz`TNWY_b@yBUuAN-4wtCMhZIDbgnc9GUZ^0}l%;&@O80}?HJRBDE7t~v
zs#!1C4uXuFv15Z>u^rGhtaUOXgM3*Pnt&aPl|WKrF;?U?HEgpR?44i`=vEeKA9^;}
zuN}+Be67rH-G-(n@G|-vuE^uYs0Y&W&)#{hASF%~;ojH_^tY51hSQ1sD`f$8EKD$w
zLO&h=wf44S{YhEB%H+2l3tBi2+%z@SR}+UW1{S_i57P(oPnpag+du0sA6)?`lf%Es
z%KMK)hjVBqlVDx%7!Ne368q5z1SE8@*1vl3A8uMv?aB#<&E5VflWpJ1Wai&x^60NJ
zIUi6apZ+S7bNitY|D{ZZCd-ooRRxsE+`8#sC;uJJpJ#t5#QdW?1pkxrIN1H?*vp@g
z)mJi=2MAeHtVrgg*|U&PvE<*7yP1sT2#mGZK(v^X;fQ!2ek56s74;l~OX#uL;ln@1
zn0lv2b{0>}kk{&Oo{xx@8DfUkTz8r2DVdpBFihc%4Pqd?0s2e>{@{4QwUeqILjs?o
z13~Ws%(K9`SUk%MvH;hItMpk)W^#sPHi1tPr#}mu&y9yDrjl$e%v)0n>+-S+An{je
zW)KSZEvEw_={_@%$h6&D@?z^8TY{Gs;cJ;w7lYbFa?NHKv<S3|*6_4gH#neWPBV{(
zxQsr1UfuCJ>{Pdyy6UD|NE}3?@jT&t*xRmHIL@el$h$n8mHeeUknvm<DaY%m)QxEu
z8J?T*GYwgzZSX%Lg2JN3G!L^kjv99D2{YT=pIl74+bnhM*0wbP?+ElF1_>50j<mgq
zm8|I2qg!E(#UXMQixiXRp!meCl_30jX#vneAU>Ssmj{i?X;d%T4X-Qc6v`$3Amf+i
zwf5Y9AZz%zL6sb)jjiG+H(+TP$B2&yEn=(h_kgMHw+%!fsHAZZcxfS+7DN`9faLsk
zTnkAIcu<|RpM7xD=XS2$_DfyH!2VISLD^M?yB%{T?Ry$b3l^jP@-i2ngBW}|af=7n
z-7i{XS#V`eSBnD(w20zqx|MSa;t39V8EOt*p1iZB>3Wo_la}kXwpT-kpW&057?L3}
zT`B6qDsrrpq)orrynAm7<4p;1H!}9%xxdhEn8(2&Ga4YfpJ`m*;<!xfYB1GPJTPCn
z@B@|L!H-q1$g_+?Z>OWy3;UDSBK32$4+;`y=m~N({7_s=iSAJ)B$Q9*t{Jgg8ZTD4
zQ&(-btH+>oKb*kVJXm8>QNaPV=6`!-p*H{|;*mxO48my0PY_yAtREJh!<VqqYpj<`
zI0Nj2+(vH%S#DM;pUD`_J)2~bQczX^1$#oaqn};RJ@58vFI|T-2%tFZR=*TS9ma~j
zG3aeMUu(-KL}@yleOu1q-=0|@etTv?{LeEBd|80yoR~6&FEQ4Z5c-7)r3V=2O>y$y
z6sIxZ;LYlE(YIy^R;?-$L+_%saK6n~9>{O=mHc;+i7_&RA&$U0l@jIr;Htnks}n|;
zM*{);&Vq3AQCxys2B}N_aTe@c>KYGMh&W_5VcX7tvfek<Us|A|BKd0&1UG%8kAKIa
z*y+tM7rw;S8=b$voc3FBWN?CTD@NWSx;xYwYD>p;qvZ-dnZsA`AAQC1Bq@5fq0D=;
zI$deVj#E*%y)}x10IQP*2Y6+{3iz2@Gwheu;Q+j{khvT7hm*zZY$41uKAiE@37#C_
zWf-5EW&hjiBoDzY{FAW$Ua#z}oy{z4|F6Z)hU4$`s!K@ttQfJ-OhQ7!wipprNJ8jd
zMxyyJz<RW?TS6!vSdQYS2cS$gxBsys@aW)nW%-NEH@!JMCp02~gy^JAIwl(x5;A_}
zyLb6yA8X)uX!JeFD>C$i*su&7@(~2DL;csqvm!z~<V7o#w86)JE}pXx5wqvsE}o}X
zewqVt9V80-{59sOZ2fr7@DpS@V?%~FIDb?WA}Cd<l4P8=HY<Ol@|NeLyNd%iRB&CZ
z1~uwb<YM2l&exV=m;0g|yBGrS<2YcW&+noc_G^>7J|0($AZ5+b@s-18R%@T6bv&(D
zjP9IH=A<ZsJSvWc^0aky@N^*9YT7K>B(=ut;O)ayTzv3|XFaA!xiiD#K@AX#$eR9m
z_X8MXw~+Ts{n?tQUmMz<>!ewbSc9)*!a!8bIlcVNlFqPx7)N3%au&esybQR=dR=F}
znVkqI%&p(Mxww9r9wncGQjuKJ4_5vUSdHH2&+hjpoeH!#GUmV9<j<nS#=mxR&SZRh
zkPS#&!PQhp=U;7dp@2J-=kxhHK%0zM7HB^T`*TInkwNW5F3ZTwl7Ky3)J@hA{3>6e
z%{A&(G#cSpG-h(rV*!dG{rjdNs&dA_*S2I{#$Z;}vrFrrnK4p&l{=p;yPs;!V`_t$
zGP^#ztzP$GWyio@iL5xO8;pIV=1s}YzKhUczOjGVvSc1vYkBbe`b8T;#b?^%1ZOtn
zTfitzbDZ7AHF|?0SuP@;!J`UWCdBT{s%5A2gXYK1BadAN?COSpURh9f3F}8s99mbb
zdM$<w_3qp=Bk@X0Lr`tg<K7J6P2e&F&OMvutc_6?oCmzJP)!I-KBKm@P^9|jm4%Q?
zG9nmIL`i)Gp;$D)D+|!SUs?E<I{C2h?Ue<rs~arVAu4mB(T&e3kI6(4Z?C%)6amI7
zmxpR*rsz@tu(P23wwfR1W&B>vpW-x~Z_xq3PAx@RgAWlm%8I$^acF90v|7b`v_u*N
z*1}1E(NX`r=^GK6-wO!<b_^if1U<W40eJqdX~Ck!LX>*%Cvn@`Uq?X^zmI}SGna|p
z4Y|Xbjmlc|!*7JHtVh3HA%^_{b^v%j|C`ad`-SKKTFrBQ<N1TBOTJuIbaK@2HCq3_
z(czAr0~npKthd#CT~@*02IEhi>|TqkC=;ijFA(r!0$cO0Cd296jA~nMG<448kI^xG
zGdf(qjn46Z8J+PzMhEfkFQfB45Mqnko!-{X0-w+8-+&#e52cp>^vQppJpW%D&L6b_
zoB~a?9SYB|6lM~!&q6{{0t*TG7IFYiflRPOtcL;FYIgXicYM^t^yasQzvPB4hh}NX
zFOMd2CCCqHul-!@hZbK7&3)c3GGA#6m=aU>Trw<z6X*Ze$+^cfz5j6>xhtp3InI`>
z5}M0Wa;w%PxrBy7Zkr+@nwm&0mt4v@NbaRrJF%MEoR)hoNh)-)m{<y-!V(pACVt=V
zq2J^Cb$L8?dhD^sWBcd*eC+c0?z8vnf(!Y(<AG$7sfNO?r7DBi+xpVcQF<Z2u>&f|
zPu^zsnG4_Nqj}XSrJsBCuL1oEVqTO;xeM+UHCBp6^590t4eVENxTc7SJ%TTBG$^Yw
zS^wAMDf>u&d`|t2OU;B~OFi+BQ#DmBC}ZyMU3_c#2i@G1Pn-9ZsFTJgpT>V7w-4!7
zdiQ1JKX3P_-lO)hT$}&ddo8GyH#PZq2LvOwpR%;1B0`7k@&jL&BXx53uvBVe8dS@f
zi!0K;4>0x*o-PhKfy=n^{dh@;mP+4K<rbua@OVA1JK&?2t~Jx<YJA!ct$YsyJ++)t
z<8r5gQ+u%=)XH&6jxlM}ctE_04m~gvLJa=~+H`cP$*<9=aobaE{VnbfkQ2xWtE7}j
z2TbZj^=X6QLPpM4#73V9)oX~{4FfjGlbw{Mrr;)7X-Cq#c#KY4?0^RYoAK_RdZm*3
z&Z75@xkGxSSXrY8V$um8|F69P1sl@uA=@swZq-`Kchh~a$ldF+pWo^YWrW!N8+fKy
zv)izX=GeE!bOXzW7}SL)8SlI9o*w<qQ5{5j_BBLvb%;}DD^*CHarAqv6_s0$ybQpe
zRX>R#Z%&v0dXvC(q9c)aY?^)O%##PA6-^!LNjk1sXY%!3TPs&eXnbxfu$#!3RLR<y
z+@2i{_?0WOiF#L1YbL*?Q{!4a#_S3kD*M8Q$1DfU^ur1o55K^rilw-Y;DrpOHS!7y
z^UX2N%V>x?2{Bn2xk$6cD%L`E==<pIs3?&g7dbeOgO_P`)7sVL8}B`v5v-X?7td=_
z3IFyhC>n4;?do^@2w3UD?v;pqv{BI;Loe39(g^k|uuiab0qx3T9_{M4LcWLkW6^Bn
z4zc&ri7%+fkgE{xYK&usx02jmtbMbw>@~l;x1^)BuP`)#ro6lZW)G~8_9P!RO?JO6
z;~9fzC@*o1;l9cQB8WS!fPD_z8jK(YUIHVC=fMaf7tB1j&FqmWJCD{}{l9nx-6I=b
zUV~45oInHjIh0uU3vzvCKlV9YyPtIh`7JqmK$b0AmB<b;b;<)OU9$Y>O{-j#Wk(zs
zJsknbP3NX7U64ScfK-KZ&EN=MC!LtCbSV<42P$2Vaag(0!xJtqN7+pVvwg`@k1xyo
zu;{?|IpD?SKOb@S_iP0WI$+Pj@OJ(+O0J^F_|@Q>(b3l??7K39CB4IZxk}oM?1~3d
z!AYr#c`e`9mTI<@;Ln{|znL1F#N<<uGV!!wGnTF1vRdGT)5$NdE=lX2e7M%li7ZLK
z6~V}stADoa>&NyZ^6M;7h2)EwtC=#PN*7H{f_VFJgd!gx_iS2}XxNN%;u~NJuwrBA
z6GhJAP8(>K?>*cw;-V6`k9&5^MT3mqRfARVrUxbab^OkIZm8?mSJ!$spfOOntV>4=
zO(-J}wfybe0|~231|FogAvof1+lght{@6Tf=g#VV#ks#MvhD6XD6dmH(O0w<)!+Xh
zUPe_|f#E@3-ig2$1X)k9H$^y+l8c-Pw&lz*{QKi?ef6c!2i&lEI<{e$V$AY4ss2^%
zu)m21vSD|MB98ag$|jqGE+6NOzGb;PJ#OagJ!dv#xEs;R*n-;|`gf<hYzTPK={5ek
zin1E?2F8QlKs2r}!JMkrX%UimJiO}D#O<lxDtir?3XOvPbAJ+U8mmp8al#&|BKQ{;
zVHac8eQco#$2y263U9eTQzT{ihk5jQdbff6kq^(Yy7-4%n360TB(eBY6p=;LJ;O1H
z;!jBF1T~KF91p&d%yrBSbbZIdzp5%7((^-^#borLj`onoK4=UEHs&)PQPvl6Sm`JI
z@2jXi@sTj4T6|CKtdq#xvt>zmL~gCd)hAD5lAJR?iJ$z?MT$JdOQ-Vb+lE^D`+bQ=
zyVsyI(?nWIE}pNQG-}QvzLJXoT*(QeDLrS{<41ZnQJF5e@3wu5v!XF?StuJ?yZIPZ
zo*qQ4`RCi8)Tl2W{Xo|OQ6U1j><pNR0x1a*Uxl3T9HtkTl316=EX)R7$utDuN_OwZ
zfUabkC=ipdX_EP*9JYoLTwAMUWF_Tb)j?0r&ZK96+nnB)&7Lh_lT-rBUh@ma2<2_y
zS8!hDhL<L9l;qumI;a+F?HCU>NqPK2sQ$M}>Q!9JEtVe5R`j{TqddT%lm5(Uv$OG`
z-c6Ktut_S&+UOrqz@QT;Eo-^a&Q>3g%r|3IRv1*h=63fo_r59Sl3Kt+juDuAelz-E
z*O+JN>HK4Ap7v&9Cd_W%X4SaTZh0FnSIbq+>|KuG4&#AA*5opF;EFoU<Pbd|R|Mvm
zQtq`r8Y$Um>r?}TA$;$!N3+;Vxltolh2xx?mD?S;i*|3vppy=*qWd2j;Qgvxm);e9
z-FQo)p_P^W&K%X{rPA8^?M_C6i?{BU2u;+QG%?94emvbIrR@eZNwv&0Nv#H(q!fTA
zse<Vysq6UCH;^VN<Pt)Ej5%OR{>XkAIw5XtAuNJgv`}j%0%+3|5)uaPVQ0Zd3wCIV
zO?PO{(ywL@hZp2Qhm(N~5@h&-b$Nnu;DuOF&VVG0GjBbXU<`Nz4wOMy0%OeT!x3yc
zyz&A%y<r)2`dp)?VDsS#cj)|Wa&za;_j@B42OesLatc?%I15Ky1p|%3B6v`c4{9OM
z>_DDiBzR;9N>Wx_h%`4qBp3@G5`eO(Dp1zKkpaOta7Qqdvr-+#S<oLW7zb_ugmRKJ
zp`1Btm0;uHmLKSNA?-Qif9^{?SL26b0`;Mo1r>kb)y$*z&%Rp1H9aVXhn)xWlkXXP
ze-EX28qPzR{a;tG4+g%ogF;>yLm>-q@C4()|D!`W*5**o&%Fxxp&UBB5<h$TfBANa
UiG#nbD}Y<LgpiQ-KJeN9051#`RsaA1

literal 0
HcmV?d00001

diff --git a/fuzzing/plugins/Makefile b/fuzzing/plugins/Makefile
new file mode 100644
index 00000000..a6fdef50
--- /dev/null
+++ b/fuzzing/plugins/Makefile
@@ -0,0 +1,7 @@
+.PHONY: all clean
+
+all:
+	$(MAKE) -C dynamic-security $@
+
+clean:
+	$(MAKE) -C dynamic-security $@
diff --git a/fuzzing/plugins/dynamic-security/Makefile b/fuzzing/plugins/dynamic-security/Makefile
new file mode 100644
index 00000000..ee90529a
--- /dev/null
+++ b/fuzzing/plugins/dynamic-security/Makefile
@@ -0,0 +1,23 @@
+R=../../..
+.PHONY: all clean
+
+FUZZERS:= \
+	dynsec_fuzz_load
+
+LOCAL_CPPFLAGS:=$(CPPFLAGS) -I${R} -I${R}/common -I${R}/include -I${R}/lib -I${R}/src \
+	-DWITH_BRIDGE -DWITH_BROKER -DWITH_CONTROL -DWITH_EC -DWITH_EPOLL \
+	-DWITH_MEMORY_TRACKING -DWITH_PERSISTENCE -DWITH_SOCKS -DWITH_SYSTEMD \
+	-DWITH_SYS_TREE -DWITH_TLS -DWITH_TLS_PSK -DWITH_UNIX_SOCKETS -DWITH_WEBSOCKETS=WS_IS_BUILTIN
+LOCAL_CXXFLAGS:=$(CXXFLAGS) -g -Wall -Werror -pthread
+LOCAL_LDFLAGS:=$(LDFLAGS)
+LOCAL_LIBADD:=$(LIBADD) $(LIB_FUZZING_ENGINE) ${R}/plugins/dynamic-security/mosquitto_dynamic_security.a ${R}/src/mosquitto_broker.a -lssl -lcrypto -lcjson
+
+all: $(FUZZERS)
+
+dynsec_fuzz_load : dynsec_fuzz_load.cpp
+	$(CXX) $(LOCAL_CXXFLAGS) $(LOCAL_CPPFLAGS) $(LOCAL_LDFLAGS) -o $@ $^ $(LOCAL_LIBADD)
+	install $@ ${OUT}/$@
+	cp ${R}/fuzzing/corpora/dynsec_config_seed_corpus.zip ${OUT}/$@_seed_corpus.zip
+
+clean:
+	rm -f *.o $(FUZZERS) *.gcno *.gcda
diff --git a/fuzzing/plugins/dynamic-security/dynsec_fuzz_load.cpp b/fuzzing/plugins/dynamic-security/dynsec_fuzz_load.cpp
new file mode 100644
index 00000000..33e40b94
--- /dev/null
+++ b/fuzzing/plugins/dynamic-security/dynsec_fuzz_load.cpp
@@ -0,0 +1,81 @@
+/*
+Copyright (c) 2023 Cedalo GmbH
+
+All rights reserved. This program and the accompanying materials
+are made available under the terms of the Eclipse Public License 2.0
+and Eclipse Distribution License v1.0 which accompany this distribution.
+
+The Eclipse Public License is available at
+   https://www.eclipse.org/legal/epl-2.0/
+and the Eclipse Distribution License is available at
+  http://www.eclipse.org/org/documents/edl-v10.php.
+
+SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
+
+Contributors:
+   Roger Light - initial implementation and documentation.
+*/
+
+#include <cstdio>
+#include <cstdint>
+#include <cstdlib>
+#include <cstring>
+#include <unistd.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <mosquitto_plugin.h>
+#include <mosquitto_broker_internal.h>
+
+#ifdef __cplusplus
+}
+#endif
+
+/*
+ * Test loading a file
+ */
+
+extern struct mosquitto_db db;
+
+void run_dynsec(char *filename)
+{
+	struct mosquitto_plugin_id_t identifier;
+	struct mosquitto_opt options[1];
+
+	db.config = (struct mosquitto__config *)calloc(1, sizeof(struct mosquitto__config));
+	log__init(db.config);
+
+	memset(&identifier, 0, sizeof(identifier));
+
+	options[0].key = strdup("config_file");
+	options[0].value = filename;
+
+	mosquitto_plugin_init(&identifier, NULL, options, 1);
+	mosquitto_plugin_cleanup(NULL, options, 1);
+
+	free(options[0].key);
+	free(db.config);
+	free(identifier.plugin_name);
+	free(identifier.plugin_version);
+	db.config = NULL;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+	char filename[100];
+	FILE *fptr;
+
+	snprintf(filename, sizeof(filename), "/tmp/dynsec%d.conf", getpid());
+	fptr = fopen(filename, "wb");
+	if(!fptr) return 1;
+	fwrite(data, 1, size, fptr);
+	fclose(fptr);
+
+	run_dynsec(filename);
+
+	unlink(filename);
+
+	return 0;
+}
diff --git a/plugins/dynamic-security/Makefile b/plugins/dynamic-security/Makefile
index 4900a8ff..20e2eaa2 100644
--- a/plugins/dynamic-security/Makefile
+++ b/plugins/dynamic-security/Makefile
@@ -40,9 +40,18 @@ endif
 all : ${ALL_DEPS}
 binary : ${PLUGIN_NAME}.so
 
+ifeq ($(WITH_FUZZING),yes)
+binary : ${PLUGIN_NAME}.a
+else
+binary : ${PLUGIN_NAME}.so
+endif
+
 ${PLUGIN_NAME}.so : ${OBJS}
 	${CROSS_COMPILE}${CC} $(PLUGIN_LDFLAGS) -fPIC -shared $^ -o $@ -lcjson
 
+${PLUGIN_NAME}.a : ${OBJS}
+	${CROSS_COMPILE}$(AR) cr $@ $^
+
 acl.o : acl.c dynamic_security.h
 	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(PLUGIN_CPPFLAGS) $(PLUGIN_CFLAGS) -c $< -o $@
 
diff --git a/plugins/dynamic-security/plugin.c b/plugins/dynamic-security/plugin.c
index 15e2a8d2..767f8582 100644
--- a/plugins/dynamic-security/plugin.c
+++ b/plugins/dynamic-security/plugin.c
@@ -139,5 +139,10 @@ int mosquitto_plugin_cleanup(void *user_data, struct mosquitto_opt *options, int
 	mosquitto_free(dynsec_data.password_init_file);
 	dynsec_data.password_init_file = NULL;
 
+	mosquitto_callback_unregister(plg_id, MOSQ_EVT_CONTROL, dynsec_control_callback, "$CONTROL/dynamic-security/v1");
+	mosquitto_callback_unregister(plg_id, MOSQ_EVT_BASIC_AUTH, dynsec_auth__basic_auth_callback, NULL);
+	mosquitto_callback_unregister(plg_id, MOSQ_EVT_ACL_CHECK, dynsec__acl_check_callback, NULL);
+	mosquitto_callback_unregister(plg_id, MOSQ_EVT_TICK, dynsec__tick_callback, NULL);
+
 	return MOSQ_ERR_SUCCESS;
 }