Coverity-updates archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

New Defects reported by Coverity Scan for NetBSD-i386-user



Hi,

Please find the latest report on new defect(s) introduced to NetBSD-i386-user found with Coverity Scan.

200 new defect(s) introduced to NetBSD-i386-user found with Coverity Scan.
334 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 200 defect(s)


** CID 274427:  Null pointer dereferences  (FORWARD_NULL)
/sys/net/if_srt.c: 487 in srt_ioctl()


________________________________________________________________________________________________________
*** CID 274427:  Null pointer dereferences  (FORWARD_NULL)
/sys/net/if_srt.c: 487 in srt_ioctl()
481     		if (i < sc->nrt) {
482     			memcpy(sc->rts+i, sc->rts+i+1,
483     			    (sc->nrt-i)*sizeof(*sc->rts));
484     		}
485     		if (sc->nrt == 0) {
486     			free(sc->rts, M_DEVBUF);
>>>     CID 274427:  Null pointer dereferences  (FORWARD_NULL)
>>>     Assigning: "sc->rts" = "NULL".
487     			sc->rts = 0;
488     			sc->intf.if_flags &= ~IFF_UP;
489     		}
490     		update_mtu(sc);
491     		return 0;
492     	case SRT_SFLAGS:

** CID 460069:  Control flow issues  (DEADCODE)
/home/phil/cov/xsrc/external/mit/xf86-video-ati/xorg-server-copy/msp3430.c: 486 in InitMSP34x5D()


________________________________________________________________________________________________________
*** CID 460069:  Control flow issues  (DEADCODE)
/home/phil/cov/xsrc/external/mit/xf86-video-ati/xorg-server-copy/msp3430.c: 486 in InitMSP34x5D()
480     		default:
481     		    standard=MSPSTANDARD_AUTO;
482     		}
483     		
484     	    /*no NICAM support in MSP3410D - force to autodetect*/
485     	    if ((m->chip_id==0x405) && (standard>=MSPSTANDARD_NICAM_BG))
>>>     CID 460069:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "standard = 1;".
486         		standard=MSPSTANDARD_AUTO;
487     		    
488     	    if (m->c_standard != standard) {
489     
490        	        SetMSP3430Data (m, WR_DEM, 0x00, 0x20, standard>>8, standard & 0xFF);
491     	        if (standard==MSPSTANDARD_AUTO) {

** CID 709075:  Control flow issues  (DEADCODE)
/external/gpl3/gdb/dist/gdb/common/signals.c: 342 in gdb_signal_from_host()


________________________________________________________________________________________________________
*** CID 709075:  Control flow issues  (DEADCODE)
/external/gpl3/gdb/dist/gdb/common/signals.c: 342 in gdb_signal_from_host()
336       if (hostsig >= REALTIME_LO && hostsig < REALTIME_HI)
337         {
338           /* This block of GDB_SIGNAL_REALTIME value is in order.  */
339           if (33 <= hostsig && hostsig <= 63)
340     	return (enum gdb_signal)
341     	  (hostsig - 33 + (int) GDB_SIGNAL_REALTIME_33);
>>>     CID 709075:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "if (hostsig == 32)
  return...".
342           else if (hostsig == 32)
343     	return GDB_SIGNAL_REALTIME_32;
344           else if (64 <= hostsig && hostsig <= 127)
345     	return (enum gdb_signal)
346     	  (hostsig - 64 + (int) GDB_SIGNAL_REALTIME_64);
347           else

** CID 975000:  Error handling issues  (CHECKED_RETURN)


________________________________________________________________________________________________________
*** CID 975000:  Error handling issues  (CHECKED_RETURN)
/external/bsd/tmux/dist/cmd-pipe-pane.c: 122 in cmd_pipe_pane_exec()
116     			_exit(1);
117     		if (dup2(null_fd, STDERR_FILENO) == -1)
118     			_exit(1);
119     		if (null_fd != STDOUT_FILENO && null_fd != STDERR_FILENO)
120     			close(null_fd);
121     
>>>     CID 975000:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "closefrom(3)" without checking return value. It wraps a library function that may fail and return an error code.
122     		closefrom(STDERR_FILENO + 1);
123     
124     		execl(_PATH_BSHELL, "sh", "-c", cmd, (char *) NULL);
125     		_exit(1);
126     	default:
127     		/* Parent process. */

** CID 975002:  Error handling issues  (CHECKED_RETURN)


________________________________________________________________________________________________________
*** CID 975002:  Error handling issues  (CHECKED_RETURN)
/external/bsd/tmux/dist/job.c: 94 in job_run()
88     			fatal("open failed");
89     		if (dup2(nullfd, STDERR_FILENO) == -1)
90     			fatal("dup2 failed");
91     		if (nullfd != STDERR_FILENO)
92     			close(nullfd);
93     
>>>     CID 975002:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "closefrom(3)" without checking return value. It wraps a library function that may fail and return an error code.
94     		closefrom(STDERR_FILENO + 1);
95     
96     		execl(_PATH_BSHELL, "sh", "-c", cmd, (char *) NULL);
97     		fatal("execl failed");
98     	}
99     

** CID 976707:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/tmux/dist/cmd-pipe-pane.c: 115 in cmd_pipe_pane_exec()


________________________________________________________________________________________________________
*** CID 976707:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/tmux/dist/cmd-pipe-pane.c: 115 in cmd_pipe_pane_exec()
109     		if (dup2(pipe_fd[1], STDIN_FILENO) == -1)
110     			_exit(1);
111     		if (pipe_fd[1] != STDIN_FILENO)
112     			close(pipe_fd[1]);
113     
114     		null_fd = open(_PATH_DEVNULL, O_WRONLY, 0);
>>>     CID 976707:  Error handling issues  (NEGATIVE_RETURNS)
>>>     "null_fd" is passed to a parameter that cannot be negative. [Note: The source code implementation of the function has been overridden by a builtin model.]
115     		if (dup2(null_fd, STDOUT_FILENO) == -1)
116     			_exit(1);
117     		if (dup2(null_fd, STDERR_FILENO) == -1)
118     			_exit(1);
119     		if (null_fd != STDOUT_FILENO && null_fd != STDERR_FILENO)
120     			close(null_fd);

** CID 980104:  Error handling issues  (CHECKED_RETURN)
/sys/net/ppp_tty.c: 883 in pppasyncctlp()


________________________________________________________________________________________________________
*** CID 980104:  Error handling issues  (CHECKED_RETURN)
/sys/net/ppp_tty.c: 883 in pppasyncctlp()
877     {
878         struct tty *tp;
879     
880         /* Put a placeholder byte in canq for ttselect()/ttnread(). */
881         mutex_spin_enter(&tty_lock);
882         tp = (struct tty *) sc->sc_devp;
>>>     CID 980104:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "putc" without checking return value (as is done elsewhere 13 out of 15 times).
883         putc(0, &tp->t_canq);
884         ttwakeup(tp);
885         mutex_spin_exit(&tty_lock);
886     }
887     
888     /*

** CID 980105:  Error handling issues  (CHECKED_RETURN)
/sys/net/ppp_tty.c: 358 in pppread()


________________________________________________________________________________________________________
*** CID 980105:  Error handling issues  (CHECKED_RETURN)
/sys/net/ppp_tty.c: 358 in pppread()
352     	    mutex_spin_exit(&tty_lock);
353     	    return error;
354     	}
355         }
356     
357         /* Pull place-holder byte out of canonical queue */
>>>     CID 980105:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "getc(&tp->t_canq)" without checking return value. This library function may fail and return an error code. [Note: The source code implementation of the function has been overridden by a builtin model.]
358         getc(&tp->t_canq);
359     
360         /* Get the packet from the input queue */
361         IF_DEQUEUE(&sc->sc_inq, m0);
362         mutex_spin_exit(&tty_lock);
363     

** CID 980441:  Memory - corruptions  (OVERRUN)
/sys/net/slcompress.c: 281 in sl_compress_tcp()


________________________________________________________________________________________________________
*** CID 980441:  Memory - corruptions  (OVERRUN)
/sys/net/slcompress.c: 281 in sl_compress_tcp()
275     	deltaS = hlen;
276     	hlen += th->th_off;
277     	hlen <<= 2;
278     	if (hlen > m->m_len)
279     		return (TYPE_IP);
280     
>>>     CID 980441:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type ip of 20 bytes by passing it to a function which accesses it at byte offset 20.
281     	if (((uint16_t *)ip)[0] != ((uint16_t *)&cs->cs_ip)[0] ||
282     	    ((uint16_t *)ip)[3] != ((uint16_t *)&cs->cs_ip)[3] ||
283     	    ((uint16_t *)ip)[4] != ((uint16_t *)&cs->cs_ip)[4] ||
284     	    th->th_off != oth->th_off ||
285     	    (deltaS > 5 &&
286     	     memcmp(ip + 1, &cs->cs_ip + 1, (deltaS - 5) << 2)) ||

** CID 980442:  Memory - corruptions  (OVERRUN)
/sys/net/slcompress.c: 508 in sl_uncompress_tcp_core()


________________________________________________________________________________________________________
*** CID 980442:  Memory - corruptions  (OVERRUN)
/sys/net/slcompress.c: 508 in sl_uncompress_tcp_core()
502     		hlen = ip->ip_hl << 2;
503     		if (hlen + sizeof(struct tcphdr) > buflen)
504     			goto bad;
505     		hlen += ((struct tcphdr *)&((char *)ip)[hlen])->th_off << 2;
506     		if (hlen > MAX_HDR || hlen > buflen)
507     			goto bad;
>>>     CID 980442:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type ip of 20 bytes by passing it to a function which accesses it at byte offset 223 using argument "hlen" (which evaluates to 224).
508     		memcpy(&cs->cs_ip, ip, hlen);
509     		cs->cs_hlen = hlen;
510     		INCR(sls_uncompressedin)
511     		*hdrp = (u_char *) &cs->cs_ip;
512     		*hlenp = hlen;
513     		return (0);

** CID 1087984:  Uninitialized variables  (UNINIT)
/external/bsd/unbound/dist/daemon/remote.c: 2538 in handle_req()


________________________________________________________________________________________________________
*** CID 1087984:  Uninitialized variables  (UNINIT)
/external/bsd/unbound/dist/daemon/remote.c: 2538 in handle_req()
2532     static void
2533     handle_req(struct daemon_remote* rc, struct rc_state* s, SSL* ssl)
2534     {
2535     	int r;
2536     	char pre[10];
2537     	char magic[7];
>>>     CID 1087984:  Uninitialized variables  (UNINIT)
>>>     Declaring variable "buf" without initializer.
2538     	char buf[1024];
2539     #ifdef USE_WINSOCK
2540     	/* makes it possible to set the socket blocking again. */
2541     	/* basically removes it from winsock_event ... */
2542     	WSAEventSelect(s->c->fd, NULL, 0);
2543     #endif

** CID 1087985:    (TAINTED_SCALAR)
/external/bsd/unbound/dist/util/tube.c: 367 in tube_read_msg()
/external/bsd/unbound/dist/util/tube.c: 374 in tube_read_msg()
/external/bsd/unbound/dist/util/tube.c: 367 in tube_read_msg()
/external/bsd/unbound/dist/util/tube.c: 374 in tube_read_msg()


________________________________________________________________________________________________________
*** CID 1087985:    (TAINTED_SCALAR)
/external/bsd/unbound/dist/util/tube.c: 367 in tube_read_msg()
361     			(void)fd_set_nonblock(fd);
362     			return 0;
363     		}
364     		d += r;
365     	}
366     	log_assert(*len < 65536*2);
>>>     CID 1087985:    (TAINTED_SCALAR)
>>>     Passing tainted variable "*len" to a tainted sink. [Note: The source code implementation of the function has been overridden by a builtin model.]
367     	*buf = (uint8_t*)malloc(*len);
368     	if(!*buf) {
369     		log_err("tube read out of memory");
370     		(void)fd_set_nonblock(fd);
371     		return 0;
372     	}
/external/bsd/unbound/dist/util/tube.c: 374 in tube_read_msg()
368     	if(!*buf) {
369     		log_err("tube read out of memory");
370     		(void)fd_set_nonblock(fd);
371     		return 0;
372     	}
373     	d = 0;
>>>     CID 1087985:    (TAINTED_SCALAR)
>>>     Using tainted variable "(ssize_t)*len" as a loop boundary.
374     	while(d < (ssize_t)*len) {
375     		if((r=read(fd, (*buf)+d, (size_t)((ssize_t)*len)-d)) == -1) {
376     			log_err("tube msg read failed: %s", strerror(errno));
377     			(void)fd_set_nonblock(fd);
378     			free(*buf);
379     			return 0;
/external/bsd/unbound/dist/util/tube.c: 367 in tube_read_msg()
361     			(void)fd_set_nonblock(fd);
362     			return 0;
363     		}
364     		d += r;
365     	}
366     	log_assert(*len < 65536*2);
>>>     CID 1087985:    (TAINTED_SCALAR)
>>>     Passing tainted variable "*len" to a tainted sink. [Note: The source code implementation of the function has been overridden by a builtin model.]
367     	*buf = (uint8_t*)malloc(*len);
368     	if(!*buf) {
369     		log_err("tube read out of memory");
370     		(void)fd_set_nonblock(fd);
371     		return 0;
372     	}
/external/bsd/unbound/dist/util/tube.c: 374 in tube_read_msg()
368     	if(!*buf) {
369     		log_err("tube read out of memory");
370     		(void)fd_set_nonblock(fd);
371     		return 0;
372     	}
373     	d = 0;
>>>     CID 1087985:    (TAINTED_SCALAR)
>>>     Using tainted variable "(ssize_t)*len" as a loop boundary.
374     	while(d < (ssize_t)*len) {
375     		if((r=read(fd, (*buf)+d, (size_t)((ssize_t)*len)-d)) == -1) {
376     			log_err("tube msg read failed: %s", strerror(errno));
377     			(void)fd_set_nonblock(fd);
378     			free(*buf);
379     			return 0;

** CID 1088002:  Memory - corruptions  (OVERRUN)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1385 in xml_is_zone_name()


________________________________________________________________________________________________________
*** CID 1088002:  Memory - corruptions  (OVERRUN)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1385 in xml_is_zone_name()
1379     	long zlen;
1380     	(void)BIO_seek(zone, 0);
1381     	zlen = BIO_get_mem_data(zone, &z);
1382     	if(!zlen || !z) return 0;
1383     	/* zero terminate */
1384     	if(zlen >= (long)sizeof(buf)) return 0;
>>>     CID 1088002:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "buf" of 1024 bytes by passing it to a function which accesses it at byte offset 4294967293 using argument "(size_t)zlen" (which evaluates to 4294967294).
1385     	memmove(buf, z, (size_t)zlen);
1386     	buf[zlen] = 0;
1387     	/* compare */
1388     	return (strncasecmp(buf, name, strlen(name)) == 0);
1389     }
1390     

** CID 1088005:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1385 in xml_is_zone_name()


________________________________________________________________________________________________________
*** CID 1088005:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1385 in xml_is_zone_name()
1379     	long zlen;
1380     	(void)BIO_seek(zone, 0);
1381     	zlen = BIO_get_mem_data(zone, &z);
1382     	if(!zlen || !z) return 0;
1383     	/* zero terminate */
1384     	if(zlen >= (long)sizeof(buf)) return 0;
>>>     CID 1088005:  Error handling issues  (NEGATIVE_RETURNS)
>>>     "(size_t)zlen" is passed to a parameter that cannot be negative.
1385     	memmove(buf, z, (size_t)zlen);
1386     	buf[zlen] = 0;
1387     	/* compare */
1388     	return (strncasecmp(buf, name, strlen(name)) == 0);
1389     }
1390     

** CID 1088006:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1862 in write_root_anchor()


________________________________________________________________________________________________________
*** CID 1088006:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1862 in write_root_anchor()
1856     	}
1857     	out = fopen(root_anchor_file, "w");
1858     	if(!out) {
1859     		if(verb) printf("%s: %s\n", root_anchor_file, strerror(errno));
1860     		return;
1861     	}
>>>     CID 1088006:  Error handling issues  (NEGATIVE_RETURNS)
>>>     "(size_t)len" is passed to a parameter that cannot be negative. [Note: The source code implementation of the function has been overridden by a builtin model.]
1862     	if(fwrite(pp, (size_t)len, 1, out) != 1) {
1863     		if(verb) printf("failed to write all data to %s\n",
1864     			root_anchor_file);
1865     		if(verb && errno != 0) printf("%s\n", strerror(errno));
1866     	}
1867     	fflush(out);

** CID 1088007:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1059 in read_chunked_zero_terminate()


________________________________________________________________________________________________________
*** CID 1088007:  Error handling issues  (NEGATIVE_RETURNS)
/external/bsd/unbound/dist/smallapp/unbound-anchor.c: 1059 in read_chunked_zero_terminate()
1053     	if(verb>=2) printf("chunked data is %d\n", (int)l);
1054     	if(l == 0 || d == NULL) {
1055     		if(verb) printf("out of memory\n");
1056     		return NULL;
1057     	}
1058     	*len = l-1;
>>>     CID 1088007:  Error handling issues  (NEGATIVE_RETURNS)
>>>     "l" is passed to a parameter that cannot be negative. [Note: The source code implementation of the function has been overridden by a builtin model.]
1059     	data = (char*)malloc(l);
1060     	if(data == NULL) {
1061     		if(verb) printf("out of memory\n");
1062     		return NULL;
1063     	}
1064     	memcpy(data, d, l);

** CID 1088013:  Insecure data handling  (INTEGER_OVERFLOW)
/external/bsd/unbound/dist/util/tube.c: 375 in tube_read_msg()


________________________________________________________________________________________________________
*** CID 1088013:  Insecure data handling  (INTEGER_OVERFLOW)
/external/bsd/unbound/dist/util/tube.c: 375 in tube_read_msg()
369     		log_err("tube read out of memory");
370     		(void)fd_set_nonblock(fd);
371     		return 0;
372     	}
373     	d = 0;
374     	while(d < (ssize_t)*len) {
>>>     CID 1088013:  Insecure data handling  (INTEGER_OVERFLOW)
>>>     Overflowed or truncated value (or a value computed from an overflowed or truncated value) "(size_t)(ssize_t)*len - d" used as critical argument to function. [Note: The source code implementation of the function has been overridden by a builtin model.]
375     		if((r=read(fd, (*buf)+d, (size_t)((ssize_t)*len)-d)) == -1) {
376     			log_err("tube msg read failed: %s", strerror(errno));
377     			(void)fd_set_nonblock(fd);
378     			free(*buf);
379     			return 0;
380     		}

** CID 1088017:  Control flow issues  (DEADCODE)
/external/bsd/unbound/dist/util/data/msgparse.c: 663 in calc_size()


________________________________________________________________________________________________________
*** CID 1088017:  Control flow issues  (DEADCODE)
/external/bsd/unbound/dist/util/data/msgparse.c: 663 in calc_size()
657     				count--;
658     				len = 0;
659     				break;
660     			case LDNS_RDF_TYPE_STR:
661     				if(pkt_len < 1) {
662     					/* NOTREACHED, due to 'while(>0)' */
>>>     CID 1088017:  Control flow issues  (DEADCODE)
>>>     Execution cannot reach this statement: "return 0;".
663     					return 0; /* len byte exceeds rdata */
664     				}
665     				len = sldns_buffer_current(pkt)[0] + 1;
666     				break;
667     			default:
668     				len = get_rdf_size(desc->_wireformat[rdf]);

** CID 1107541:  Error handling issues  (CHECKED_RETURN)
/home/phil/cov/xsrc/external/mit/xf86-video-intel/dist/src/legacy/i810/i810_dri.c: 1405 in I810DRIEnter()


________________________________________________________________________________________________________
*** CID 1107541:  Error handling issues  (CHECKED_RETURN)
/home/phil/cov/xsrc/external/mit/xf86-video-intel/dist/src/legacy/i810/i810_dri.c: 1405 in I810DRIEnter()
1399     {
1400        I810Ptr pI810 = I810PTR(pScrn);
1401     
1402        if (pI810->directRenderingEnabled) {
1403     
1404           if (pI810->agpAcquired == FALSE)
>>>     CID 1107541:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "drmAgpAcquire" without checking return value (as is done elsewhere 5 out of 6 times).
1405     	 drmAgpAcquire(pI810->drmSubFD);
1406           pI810->agpAcquired = TRUE;
1407           if (pI810->dcacheHandle != 0)
1408     	 if (drmAgpBind(pI810->drmSubFD, pI810->dcacheHandle,
1409     			pI810->DepthOffset) != 0)
1410     	    return FALSE;

** CID 1193743:  Control flow issues  (MISSING_RESTORE)
/external/bsd/unbound/dist/util/data/msgparse.c: 239 in pkt_rrsig_covered()


________________________________________________________________________________________________________
*** CID 1193743:  Control flow issues  (MISSING_RESTORE)
/external/bsd/unbound/dist/util/data/msgparse.c: 239 in pkt_rrsig_covered()
233     pkt_rrsig_covered(sldns_buffer* pkt, uint8_t* here, uint16_t* type)
234     {
235     	size_t pos = sldns_buffer_position(pkt);
236     	sldns_buffer_set_position(pkt, (size_t)(here-sldns_buffer_begin(pkt)));
237     	/* ttl + len + size of small rrsig(rootlabel, no signature) */
238     	if(sldns_buffer_remaining(pkt) < 4+2+19)
>>>     CID 1193743:  Control flow issues  (MISSING_RESTORE)
>>>     Value of non-local "pkt->_position" that was saved in "pos" is not restored as it was along other paths.
239     		return 0;
240     	sldns_buffer_skip(pkt, 4); /* ttl */
241     	if(sldns_buffer_read_u16(pkt) < 19) /* too short */ {
242     		sldns_buffer_set_position(pkt, pos);
243     		return 0;
244     	}


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRb2JZfDAOAZcqzsy8LMBKBjZiXDg7WCnKqBB1q-2FtZ4dvE2p1AmNMmYII14NbCr9wIc-3D_XWm3CUIFU8ffmjzuNhQ8cIHoQgXzXkm61Fmjr59D05U3WIC1bnA3XjkmEPPUAdlTl0-2B9jZtFGyym4Qhy556kmhdujh6Csgp3WudxMHfU3nWLurlsIiAPD03jZqXUByRomaRuORmxgtU3FX5N51zIz-2FVIKiY81RlnXUkHhgQD-2BWhQDpUyp3JLKVGdq3t4WLLPangcWdeRPH6V2fIQEhH58szSrEtr7vC0SInD-2BISKEEw-3D

To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4m7U7Yoel-2F6MYPxol7ToiLwYIjoNbVQOCAwEeTNJofEDwTlN0JRhKMyijhpnAObR-2FlLVG-2Fr3EBKWgiICNdX1HPA6Ws0-2F1wHBf2tG9AnMDB8g-3D_XWm3CUIFU8ffmjzuNhQ8cIHoQgXzXkm61Fmjr59D05U3WIC1bnA3XjkmEPPUAdlTl0-2B9jZtFGyym4Qhy556kmuVZeFS9kj-2Fg0d72iYCUjpTvNQxXgOAW1aQsHbkWg-2Fbvbr3SY0EcgeBvaqD1oE4tZ6Bh8wK9OX-2FchFVgTOjHVq2eQqulihv-2FbWysBcMgQgHUyXsRmbeo9qKxZz9Jw2k48PRKA9CYgdmcticbebIELKI-3D



Home | Main Index | Thread Index | Old Index