Index: channels/chan_sip.c
===================================================================
--- channels/chan_sip.c	(revision 378285)
+++ channels/chan_sip.c	(revision 378286)
@@ -2541,19 +2541,20 @@
 			int authenticated, time_t start, struct sip_threadinfo *me)
 {
 	int res, content_length, after_poll = 1, need_poll = 1;
+	size_t datalen = ast_str_strlen(req->data);
 	char buf[1024] = "";
 	int timeout = -1;
-
-	/* Read in headers one line at a time */
-	while (ast_str_strlen(req->data) < 4 || strncmp(REQ_OFFSET_TO_STR(req, data->used - 4), "\r\n\r\n", 4)) {
-		if (!tcptls_session->client && !authenticated) {
-			if ((timeout = sip_check_authtimeout(start)) < 0) {
-				ast_debug(2, "SIP SSL server failed to determine authentication timeout\n");
+ 
+ 	/* Read in headers one line at a time */
+	while (datalen < 4 || strncmp(REQ_OFFSET_TO_STR(req, data->used - 4), "\r\n\r\n", 4)) {
+ 		if (!tcptls_session->client && !authenticated) {
+ 			if ((timeout = sip_check_authtimeout(start)) < 0) {
+				ast_debug(2, "SIP TLS server failed to determine authentication timeout\n");
 				return -1;
 			}
 
 			if (timeout == 0) {
-				ast_debug(2, "SIP %s server timed out\n", tcptls_session->ssl ? "SSL": "TCP");
+				ast_debug(2, "SIP TLS server timed out\n");
 				return -1;
 			}
 		} else {
@@ -2568,11 +2569,11 @@
 			after_poll = 1;
 			res = ast_wait_for_input(tcptls_session->fd, timeout);
 			if (res < 0) {
-				ast_debug(2, "SIP TCP server :: ast_wait_for_input returned %d\n", res);
+				ast_debug(2, "SIP TLS server :: ast_wait_for_input returned %d\n", res);
 				return -1;
 			} else if (res == 0) {
 				/* timeout */
-				ast_debug(2, "SIP TCP server timed out\n");
+				ast_debug(2, "SIP TLS server timed out\n");
 				return -1;
 			}
 		}
@@ -2593,6 +2594,13 @@
 			return -1;
 		}
 		ast_str_append(&req->data, 0, "%s", buf);
+
+		datalen = ast_str_strlen(req->data);
+		if (datalen > SIP_MAX_PACKET_SIZE) {
+			ast_log(LOG_WARNING, "Rejecting TLS packet from '%s' because way too large: %zu\n",
+				ast_sockaddr_stringify(&tcptls_session->remote_address), datalen);
+			return -1;
+		}
 	}
 	copy_request(reqcpy, req);
 	parse_request(reqcpy);
@@ -2606,7 +2614,7 @@
 				}
 
 				if (timeout == 0) {
-					ast_debug(2, "SIP SSL server timed out\n");
+					ast_debug(2, "SIP TLS server timed out\n");
 					return -1;
 				}
 			} else {
@@ -2618,11 +2626,11 @@
 				after_poll = 1;
 				res = ast_wait_for_input(tcptls_session->fd, timeout);
 				if (res < 0) {
-					ast_debug(2, "SIP TCP server :: ast_wait_for_input returned %d\n", res);
+					ast_debug(2, "SIP TLS server :: ast_wait_for_input returned %d\n", res);
 					return -1;
 				} else if (res == 0) {
 					/* timeout */
-					ast_debug(2, "SIP TCP server timed out\n");
+					ast_debug(2, "SIP TLS server timed out\n");
 					return -1;
 				}
 			}
@@ -2645,6 +2653,13 @@
 			}
 			content_length -= strlen(buf);
 			ast_str_append(&req->data, 0, "%s", buf);
+		
+			datalen = ast_str_strlen(req->data);
+			if (datalen > SIP_MAX_PACKET_SIZE) {
+				ast_log(LOG_WARNING, "Rejecting TLS packet from '%s' because way too large: %zu\n",
+					ast_sockaddr_stringify(&tcptls_session->remote_address), datalen);
+				return -1;
+			}
 		}
 	}
 	/*! \todo XXX If there's no Content-Length or if the content-length and what
@@ -2818,6 +2833,8 @@
 	enum message_integrity message_integrity = MESSAGE_FRAGMENT;
 
 	while (message_integrity == MESSAGE_FRAGMENT) {
+		size_t datalen;
+
 		if (ast_str_strlen(tcptls_session->overflow_buf) == 0) {
 			char readbuf[4097];
 			int timeout;
@@ -2857,6 +2874,13 @@
 			ast_str_append(&req->data, 0, "%s", ast_str_buffer(tcptls_session->overflow_buf));
 			ast_str_reset(tcptls_session->overflow_buf);
 		}
+		
+		datalen = ast_str_strlen(req->data);
+		if (datalen > SIP_MAX_PACKET_SIZE) {
+			ast_log(LOG_WARNING, "Rejecting TCP packet from '%s' because way too large: %zu\n",
+				ast_sockaddr_stringify(&tcptls_session->remote_address), datalen);
+			return -1;
+		}
 
 		message_integrity = check_message_integrity(&req->data, &tcptls_session->overflow_buf);
 	}
@@ -2928,7 +2952,7 @@
 	}
 
 	me->threadid = pthread_self();
-	ast_debug(2, "Starting thread for %s server\n", tcptls_session->ssl ? "SSL" : "TCP");
+	ast_debug(2, "Starting thread for %s server\n", tcptls_session->ssl ? "TLS" : "TCP");
 
 	/* set up pollfd to watch for reads on both the socket and the alert_pipe */
 	fds[0].fd = tcptls_session->fd;
@@ -2962,7 +2986,7 @@
 			}
 
 			if (timeout == 0) {
-				ast_debug(2, "SIP %s server timed out\n", tcptls_session->ssl ? "SSL": "TCP");
+				ast_debug(2, "SIP %s server timed out\n", tcptls_session->ssl ? "TLS": "TCP");
 				goto cleanup;
 			}
 		} else {
@@ -2972,11 +2996,11 @@
 		if (ast_str_strlen(tcptls_session->overflow_buf) == 0) {
 			res = ast_poll(fds, 2, timeout); /* polls for both socket and alert_pipe */
 			if (res < 0) {
-				ast_debug(2, "SIP %s server :: ast_wait_for_input returned %d\n", tcptls_session->ssl ? "SSL": "TCP", res);
+				ast_debug(2, "SIP %s server :: ast_wait_for_input returned %d\n", tcptls_session->ssl ? "TLS": "TCP", res);
 				goto cleanup;
 			} else if (res == 0) {
 				/* timeout */
-				ast_debug(2, "SIP %s server timed out\n", tcptls_session->ssl ? "SSL": "TCP");
+				ast_debug(2, "SIP %s server timed out\n", tcptls_session->ssl ? "TLS": "TCP");
 				goto cleanup;
 			}
 		}
@@ -3058,7 +3082,7 @@
 		}
 	}
 
-	ast_debug(2, "Shutting down thread for %s server\n", tcptls_session->ssl ? "SSL" : "TCP");
+	ast_debug(2, "Shutting down thread for %s server\n", tcptls_session->ssl ? "TLS" : "TCP");
 
 cleanup:
 	if (tcptls_session && !tcptls_session->client && !authenticated) {
Index: channels/sip/include/sip.h
===================================================================
--- channels/sip/include/sip.h	(revision 378285)
+++ channels/sip/include/sip.h	(revision 378286)
@@ -97,6 +97,7 @@
 
 #define SIP_MAX_HEADERS           64     /*!< Max amount of SIP headers to read */
 #define SIP_MAX_LINES             256    /*!< Max amount of lines in SIP attachment (like SDP) */
+#define SIP_MAX_PACKET_SIZE       20480  /*!< Max SIP packet size */
 #define SIP_MIN_PACKET            4096   /*!< Initialize size of memory to allocate for packets */
 #define MAX_HISTORY_ENTRIES		  50	 /*!< Max entires in the history list for a sip_pvt */
 
Index: main/http.c
===================================================================
--- main/http.c	(revision 378285)
+++ main/http.c	(revision 378286)
@@ -603,6 +603,7 @@
 	int content_length = 0;
 	struct ast_variable *v, *post_vars=NULL, *prev = NULL;
 	char *buf, *var, *val;
+	int res;
 
 	for (v = headers; v; v = v->next) {
 		if (!strcasecmp(v->name, "Content-Type")) {
@@ -615,20 +616,28 @@
 
 	for (v = headers; v; v = v->next) {
 		if (!strcasecmp(v->name, "Content-Length")) {
-			content_length = atoi(v->value) + 1;
+			content_length = atoi(v->value);
 			break;
 		}
 	}
 
-	if (!content_length) {
+	if (content_length <= 0) {
 		return NULL;
 	}
 
-	buf = ast_alloca(content_length);
-	if (!fgets(buf, content_length, ser->f)) {
+	buf = ast_malloc(content_length + 1);
+	if (!buf) {
 		return NULL;
 	}
 
+	res = fread(buf, 1, content_length, ser->f);
+	if (res < content_length) {
+		/* Error, distinguishable by ferror() or feof(), but neither
+		 * is good. */
+		goto done;
+	}
+	buf[content_length] = '\0';
+
 	while ((val = strsep(&buf, "&"))) {
 		var = strsep(&val, "=");
 		if (val) {
@@ -646,6 +655,9 @@
 			prev = v;
 		}
 	}
+	
+done:
+	ast_free(buf);
 	return post_vars;
 }
 
Index: res/res_jabber.c
===================================================================
--- res/res_jabber.c	(revision 378285)
+++ res/res_jabber.c	(revision 378286)
@@ -774,7 +774,7 @@
  */
 static int acf_jabberreceive_read(struct ast_channel *chan, const char *name, char *data, char *buf, size_t buflen)
 {
-	char *aux = NULL, *parse = NULL;
+	char *parse = NULL;
 	int timeout;
 	int jidlen, resourcelen;
 	struct timeval start;
@@ -891,7 +891,7 @@
 				continue;
 			}
 			found = 1;
-			aux = ast_strdupa(tmp->message);
+			ast_copy_string(buf, tmp->message, buflen);
 			AST_LIST_REMOVE_CURRENT(list);
 			aji_message_destroy(tmp);
 			break;
@@ -916,7 +916,6 @@
 		ast_log(LOG_NOTICE, "Timed out : no message received from %s\n", args.jid);
 		return -1;
 	}
-	ast_copy_string(buf, aux, buflen);
 
 	return 0;
 }

Property changes on: .
___________________________________________________________________
Modified: branch-1.8-merged
   - /branches/1.8:1-279056,279113,279227,279273,279280,279314,279390,279410,279442,279472,279502,279504,279562,279566,279568,279598,279601,279619,279636-279815,279817,279850,279887,279916,279949,279953,280023,280058,280090,280161,280195,280225,280233,280235,280269,280302,280307,280343,280346,280391,280414,280446,280450,280519,280549,280552,280557,280624,280628,280672,280740,280742,280777-280778,280809,280879,280909,280984,281052,281085,281294,281325,281356,281358,281429,281432,281466,281529,281532,281568,281575,281650,281687,281723,281760,281764,281870,281874-281875,281913,281982,282015,282047,282066,282098,282131,282200-282201,282236,282269,282271,282302,282334,282366,282468,282470,282543,282545,282577,282608,282638-282639,282671-282672,282740,282826,282860,282891,282895,282979,283013,283050,283173,283175,283177,283207,283209,283230,283241,283319,283350,283382,283457,283493,283527,283559,283561,283595,283627,283629,283659,283692,283770,283882,283951,284032,284065,284096,284127,284158,284281,284318,284415,284473,284477,284561,284597,284610,284632,284666,284696,284698,284701,284705,284779-284780,284849-284850,284852,284921,284950,284952,284967,285006,285017,285057,285090,285161-285162,285195,285197,285268,285336,285367,285369,285371,285373,285386,285455,285484,285527,285530,285533,285564,285568,285640,285711,285745,285819,285931,285962,286112,286118,286120,286189,286270,286426,286457,286528,286558,286588,286617,286647,286682,286758,286834,286868,286904-286905,286931,287015,287017,287020,287056,287116,287120,287193,287195,287269-287271,287309,287388,287471,287559,287639,287643,287645,287647,287661,287683,287701,287757,287760,287833,287863,287893,287895,287897,287929,287931,287935,288007,288079-288080,288082,288157,288159,288194,288268,288341,288345,288418,288507,288572,288606,288638,288640,288713,288748,288821,288852,288925,288927,292740-292741,292787,292794,292825,292868,292906,292969,293119,293159,293197,293305,293341,293418,293496,293530,293611,293648,293724,293803,293807,293887,293924,293970,294047,294049,294084,294125,294207,294243,294278,294313,294349,294430,294466,294501,294535,294569,294605,294734,294740,294745,294823,294905,294911,294989,295078,295164,295201,295278,295282,295361,295404,295441,295477,295516,295670,295673,295711,295747,295866,295869,295949,296002,296084,296167,296230,296352,296354,296391,296429,296467,296534,296582,296628,296673,296787,296870,296951,296992,297075,297157-297495,297535,297607,297733,297821,297825,297909,297952,297957,297965,298051,298054,298195,298394,298478,298482,298539,298598,298685,298773,298818,298827,298960,299088,299131,299138,299248,299312,299353,299405,299449,299583,299626,299752,299794,299820,299865,299907,299948,299989,300082,300166,300214,300301,300384,300430,300433,300521,300575,300623,300714,300798,300955,301047,301090,301134,301177,301221,301263,301308,301311,301402,301446,301504,301595,301683,302462,302505,302549,302552,302555,302600,302634,302680,302713,302785,302789,302831,302834,302837,302918,302921,303009,303107,303153,303467,303549,303678,303771,303860,303907,303962,304007,304097,304150,304186,304245,304251,304339,304462,304466,304554,304638,304683,304727,304730,304774,304777,304866,304908,304950,304985,305040,305083,305603,305692,305753,305798,305838,305844,305923,306124,306127,306215,306324,306356,306575,306619,306674,306866,306962,306967,306979,306999,307065,307092,307142,307228,307273,307467,307536,307750,307793,307837,307879,307962,308010,308098,308150,308242,308288,308416,308622,308679,308723,308815,308903,308945,308991,309035,309084,309126,309170,309204,309256,309403,309445,309448,309495,309542,309585,309678,309720,309765,309808,309858,309994,310039,310088,310142,310231,310240,310287,310415,310462,310587,310636,310734,310781,310834,310902,310993,310999,311050,311141,311197,311295,311297,311342,311352,311497,311558,311612,311615,311687,311751,311799,311874,311930,312022,312117,312211,312286-312288,312461,312509,312575,312766,312866,312889,312949,313001,313048,313142,313190,313279,313366,313368-313369,313434,313517,313588,313615,313658,313700,313780,313860,314017,314067-314069,314203,314206,314251,314358,314417,314550,314628,314732,314779-314780,314959,315001,315053,315213,315259,315349,315394,315446,315452,315503,315645,315673,315765,315810,315894,316094,316193,316206,316215,316217,316224,316265,316330-316331,316334,316336,316429,316476,316617,316650,316663,316709,316831,316917-316919,317058,317104,317196,317281,317283,317336,317370,317425,317427,317429,317474,317476,317478,317480,317484,317486,317530,317584,317670,317805,317837,317865,317867,317917-317918,317967,317969,318055,318057,318142,318148,318231,318233,318282,318337,318351,318436,318499,318549-318550,318671,318720,318783,318868,318917,318919,318921,319083,319085,319142,319145,319204,319259,319365,319367,319469,319529,319552,319654,319758,319812,319866,319938,319997,320007,320057,320059,320162,320180,320237,320338,320445,320504,320560,320568,320573,320650,320716,320796,320823,320883,320947,321042,321044,321100,321155,321211,321273,321330,321333,321337,321392,321436,321511,321515,321517,321528,321537,321547,321685,321812-321813,321871,321924,321926,322069,322189,322322,322425,322484,322749,322807,322865,322923,322981,323040,323154,323213,323370-323371,323392-323394,323456,323608,323610,323669-323670,323672,323754,323859,323863,323866,323932,323990,324048,324115,324174,324176,324178,324237,324241,324364,324479,324481,324484,324491,324557,324652,324678,324685,324768,324849,324914,324955,325091,325152,325212,325339,325416,325537,325545,325610,325614,325673,325740,325821,325877,325935,326144,326209,326291,326411,326484,326681,326683,326689,326830,326985,327044,327046,327106,327211,327411,327512,327682,327793,327852,327888,327890,327950,328014,328205,328209,328302,328427,328540,328593,328608,328663,328716,328770,328823,328878,328935,328987,329027,329144,329199,329203,329299,329333,329471,329527,329529,329613,329709,329767,329895,329991,329994,330050,330107,330203,330213,330311,330368,330433,330575,330578,330581,330648,330705,330762,330827,330843,331038,331142,331146,331248,331315,331461,331517,331575,331578,331635,331649,331658,331714,331771,331774,331867,331886,331955,332021,332026,332100,332118,332176,332264,332320,332355,332446,332503,332559,332699,332759,332816-332817,332874,332876,332939,333010,333201,333265,333267,333339,333378,333569,333630,333784-333785,333836,333947,334006,334009,334012,334156,334229,334234,334296,334355,334453,334616,334620,334682,334840,334843,334953,335064,335319,335341,335433,335497,335618,335655,335720,335790,335851,335911,335978,336093,336166,336234,336294,336312,336314,336378,336440,336499,336501,336569,336572,336658,336716,336733,336791,336877,336977,337007,337061,337115,337118,337325,337344,337353,337430,337486,337541,337720,337774,337839,337898,337973,338084,338224,338227,338235,338322,338416,338492,338551,338555,338663,338718,338800,339086-339087,339144,339147,339244,339297,339352,339406,339504-339506,339511,339566,339625,339719,339776,339830,339884,339938,340108,340164,340263,340279,340284,340365,340418,340470,340522,340534,340576,340662,340715,340809,340863,340878,340970,341022,341074,341088,341108-341112,341189,341254,341312,341314,341366,341379,341435,341529,341664,341704,341717,341806,341809,342061,342223,342276,342328,342380,342383,342435,342484,342487,342545,342602,342661,342769,342869,342927,342990,343047,343102,343157,343181,343220,343276,343281,343336,343375,343577,343621,343637,343690,343791,343851,343936,344048,344102,344157-344158,344215,344268,344330,344385,344439,344536,344539,344608,344661,344715,344769,344823,344835,344837,344843,344899,344965,345062-345063,345160,345163,345219,345273,345285,345370,345431,345487,345546,345682,345828-345829,345923,345976,346030,346086,346144,346147,346239,346292,346472,346564,346697,346700,346762,346899,346951,346954,347006,347058,347111,347131,347166,347239,347292,347369,347438,347531,347595,347718,347811,347995,348101,348154,348157,348212,348310,348362,348401,348464,348516,348647,348735,348833,348888,348940,348992,349044,349144,349194,349289,349339,349450,349482,349504,349529,349558,349672,349728,349731,349819,349872,349968,350023,350679,350730,350733,350736,350788-350789,350837,350885,350888,350975,351027,351080,351130,351182,351233,351284,351287,351306,351396,351450,351504,351559,351611,351618,351707,351759,351858,351860,352014,352016,352029,352090,352144,352199,352230,352291,352367,352424,352511,352514,352551,352612,352643,352704,352755,352807,352862,352955,352959,353077,353126,353175,353260,353320,353368,353371,353454,353502,353550,353598,353720,353769-353770,353867,353915,353999,354116,354216,354263,354348,354492,354495,354542,354545,354547,354655,354702,354749,354835,354889,354953,355009,355056,355136,355182,355228,355268,355319,355365,355448,355458,355529,355574,355608,355622,355732,355746,355793,355850,355901,355904,355949,355952,355997,356107,356214,356290-356337,356430,356475,356521,356604,356650,356677,356797,356917,356963,357093,357212,357266,357352,357356,357386,357407,357416,357455,357490,357575,357665,357761,357809,357811,357894,357940,357986,358011,358029,358115,358162,358214,358260,358278,358377,358435,358438,358484,358530,358643,358810,358859,358943,358978,359050,359053,359056,359059,359069,359088,359110,359116,359157,359211,359259,359344,359356,359451-359452,359457,359486,359508,359558,359609,359656,359706,359809,359892,359979,360033,360086-360087,360138,360262,360309,360356-360357,360360,360363,360413,360471,360474,360488,360574,360625,360712,360862,360884,360933,360987,361040,361090,361142,361201,361210,361269,361329,361332,361380,361403-361412,361471,361558,361606,361657,361705,361753,361803,361854,361955,361972,362079,362082,362151,362201,362204,362253,362304,362354-362355,362359,362362,362428,362485,362536,362586,362677,362680,362729,362815,362868,362997,363102,363106,363141,363209,363375,363428,363687,363730,363788,363875,363934,363986,364046,364060,364108,364203,364258,364277,364340-364341,364578,364635,364649,364706,364769,364786,364840-364841,364899,364902,365006-365068,365143,365159,365298,365313,365398,365474,365476,365574,365631,365692,365896,365989,366048,366052,366094,366167,366240,366296,366389,366409,366547,366597,366740,366791,366880,366882,366944,367002,367027,367266,367292,367362,367416,367469,367678,367730,367781,367906,367976,367980,368039,368092,368218,368308,368405,368469,368498,368520,368533,368567,368586,368604,368625,368644,368719,368738,368759,368807,368830,368852,368873,368894,368898,368927,369001-369002,369043,369066,369108,369146,369195,369214,369235,369238,369258,369262,369282,369302,369323-369324,369327,369351-369352,369390,369436,369471,369490,369557,369579,369626,369652,369708,369731,369750,369792,369818,369869,369937,369970,369993,370014,370017,370081,370131,370183,370205,370252,370273,370275,370360,370383,370428-370429,370494,370563,370618,370642,370666,370697,370769-370771,370797,370856,370900,370923,370952,370985,370988,371011-371012,371060,371089,371141,371198,371201,371270,371306,371337,371357,371392-371393,371436,371469,371544,371590,371662,371690,371718,371747,371782,371787,371824,371860,371888,371919,371961,371998,372015,372048,372089,372158,372185,372212,372239,372339,372354,372390,372417,372444,372471,372517,372554,372581,372620,372624,372628,372655,372682,372709,372736,372763,372765,372804,372840,372902,372932,372959,373024,373061,373090,373131,373165,373236,373242,373298,373342,373424,373438,373467,373500,373504,373532,373550,373578,373617-373618,373640,373652,373666,373702,373705,373735,373768,373773,373815,373848,373878,373909,373945,373989,374032,374177,374230,374335,374365,374384,374426,374456,374475,374479,374536,374570-374581,374686,374727,374758,374802,374843,374905,374977,375025,375059,375074,375111,375146,375189,375216,375272,375299,375325,375361,375388,375415,375450,375484,375528,375594,375625,375658,375698,375727,375758,375793,375800,375862,375893,375964,375993-375994,376029,376058,376087,376142,376166,376199,376232,376262,376306-376307,376340,376389,376428,376469,376521,376586,376627,376657,376688,376725,376758,376788,376834,376864,376868,376901,376919,376950,377037,377069,377073,377104,377135,377165,377256-377257,377398,377431,377487,377509,377557,377591,377623,377655,377704,377708,377740,377771,377806,377837,377840,377847,377881,377922,377946,378036,378088,378092,378119,378217
   + /branches/1.8:1-279056,279113,279227,279273,279280,279314,279390,279410,279442,279472,279502,279504,279562,279566,279568,279598,279601,279619,279636-279815,279817,279850,279887,279916,279949,279953,280023,280058,280090,280161,280195,280225,280233,280235,280269,280302,280307,280343,280346,280391,280414,280446,280450,280519,280549,280552,280557,280624,280628,280672,280740,280742,280777-280778,280809,280879,280909,280984,281052,281085,281294,281325,281356,281358,281429,281432,281466,281529,281532,281568,281575,281650,281687,281723,281760,281764,281870,281874-281875,281913,281982,282015,282047,282066,282098,282131,282200-282201,282236,282269,282271,282302,282334,282366,282468,282470,282543,282545,282577,282608,282638-282639,282671-282672,282740,282826,282860,282891,282895,282979,283013,283050,283173,283175,283177,283207,283209,283230,283241,283319,283350,283382,283457,283493,283527,283559,283561,283595,283627,283629,283659,283692,283770,283882,283951,284032,284065,284096,284127,284158,284281,284318,284415,284473,284477,284561,284597,284610,284632,284666,284696,284698,284701,284705,284779-284780,284849-284850,284852,284921,284950,284952,284967,285006,285017,285057,285090,285161-285162,285195,285197,285268,285336,285367,285369,285371,285373,285386,285455,285484,285527,285530,285533,285564,285568,285640,285711,285745,285819,285931,285962,286112,286118,286120,286189,286270,286426,286457,286528,286558,286588,286617,286647,286682,286758,286834,286868,286904-286905,286931,287015,287017,287020,287056,287116,287120,287193,287195,287269-287271,287309,287388,287471,287559,287639,287643,287645,287647,287661,287683,287701,287757,287760,287833,287863,287893,287895,287897,287929,287931,287935,288007,288079-288080,288082,288157,288159,288194,288268,288341,288345,288418,288507,288572,288606,288638,288640,288713,288748,288821,288852,288925,288927,292740-292741,292787,292794,292825,292868,292906,292969,293119,293159,293197,293305,293341,293418,293496,293530,293611,293648,293724,293803,293807,293887,293924,293970,294047,294049,294084,294125,294207,294243,294278,294313,294349,294430,294466,294501,294535,294569,294605,294734,294740,294745,294823,294905,294911,294989,295078,295164,295201,295278,295282,295361,295404,295441,295477,295516,295670,295673,295711,295747,295866,295869,295949,296002,296084,296167,296230,296352,296354,296391,296429,296467,296534,296582,296628,296673,296787,296870,296951,296992,297075,297157-297495,297535,297607,297733,297821,297825,297909,297952,297957,297965,298051,298054,298195,298394,298478,298482,298539,298598,298685,298773,298818,298827,298960,299088,299131,299138,299248,299312,299353,299405,299449,299583,299626,299752,299794,299820,299865,299907,299948,299989,300082,300166,300214,300301,300384,300430,300433,300521,300575,300623,300714,300798,300955,301047,301090,301134,301177,301221,301263,301308,301311,301402,301446,301504,301595,301683,302462,302505,302549,302552,302555,302600,302634,302680,302713,302785,302789,302831,302834,302837,302918,302921,303009,303107,303153,303467,303549,303678,303771,303860,303907,303962,304007,304097,304150,304186,304245,304251,304339,304462,304466,304554,304638,304683,304727,304730,304774,304777,304866,304908,304950,304985,305040,305083,305603,305692,305753,305798,305838,305844,305923,306124,306127,306215,306324,306356,306575,306619,306674,306866,306962,306967,306979,306999,307065,307092,307142,307228,307273,307467,307536,307750,307793,307837,307879,307962,308010,308098,308150,308242,308288,308416,308622,308679,308723,308815,308903,308945,308991,309035,309084,309126,309170,309204,309256,309403,309445,309448,309495,309542,309585,309678,309720,309765,309808,309858,309994,310039,310088,310142,310231,310240,310287,310415,310462,310587,310636,310734,310781,310834,310902,310993,310999,311050,311141,311197,311295,311297,311342,311352,311497,311558,311612,311615,311687,311751,311799,311874,311930,312022,312117,312211,312286-312288,312461,312509,312575,312766,312866,312889,312949,313001,313048,313142,313190,313279,313366,313368-313369,313434,313517,313588,313615,313658,313700,313780,313860,314017,314067-314069,314203,314206,314251,314358,314417,314550,314628,314732,314779-314780,314959,315001,315053,315213,315259,315349,315394,315446,315452,315503,315645,315673,315765,315810,315894,316094,316193,316206,316215,316217,316224,316265,316330-316331,316334,316336,316429,316476,316617,316650,316663,316709,316831,316917-316919,317058,317104,317196,317281,317283,317336,317370,317425,317427,317429,317474,317476,317478,317480,317484,317486,317530,317584,317670,317805,317837,317865,317867,317917-317918,317967,317969,318055,318057,318142,318148,318231,318233,318282,318337,318351,318436,318499,318549-318550,318671,318720,318783,318868,318917,318919,318921,319083,319085,319142,319145,319204,319259,319365,319367,319469,319529,319552,319654,319758,319812,319866,319938,319997,320007,320057,320059,320162,320180,320237,320338,320445,320504,320560,320568,320573,320650,320716,320796,320823,320883,320947,321042,321044,321100,321155,321211,321273,321330,321333,321337,321392,321436,321511,321515,321517,321528,321537,321547,321685,321812-321813,321871,321924,321926,322069,322189,322322,322425,322484,322749,322807,322865,322923,322981,323040,323154,323213,323370-323371,323392-323394,323456,323608,323610,323669-323670,323672,323754,323859,323863,323866,323932,323990,324048,324115,324174,324176,324178,324237,324241,324364,324479,324481,324484,324491,324557,324652,324678,324685,324768,324849,324914,324955,325091,325152,325212,325339,325416,325537,325545,325610,325614,325673,325740,325821,325877,325935,326144,326209,326291,326411,326484,326681,326683,326689,326830,326985,327044,327046,327106,327211,327411,327512,327682,327793,327852,327888,327890,327950,328014,328205,328209,328302,328427,328540,328593,328608,328663,328716,328770,328823,328878,328935,328987,329027,329144,329199,329203,329299,329333,329471,329527,329529,329613,329709,329767,329895,329991,329994,330050,330107,330203,330213,330311,330368,330433,330575,330578,330581,330648,330705,330762,330827,330843,331038,331142,331146,331248,331315,331461,331517,331575,331578,331635,331649,331658,331714,331771,331774,331867,331886,331955,332021,332026,332100,332118,332176,332264,332320,332355,332446,332503,332559,332699,332759,332816-332817,332874,332876,332939,333010,333201,333265,333267,333339,333378,333569,333630,333784-333785,333836,333947,334006,334009,334012,334156,334229,334234,334296,334355,334453,334616,334620,334682,334840,334843,334953,335064,335319,335341,335433,335497,335618,335655,335720,335790,335851,335911,335978,336093,336166,336234,336294,336312,336314,336378,336440,336499,336501,336569,336572,336658,336716,336733,336791,336877,336977,337007,337061,337115,337118,337325,337344,337353,337430,337486,337541,337720,337774,337839,337898,337973,338084,338224,338227,338235,338322,338416,338492,338551,338555,338663,338718,338800,339086-339087,339144,339147,339244,339297,339352,339406,339504-339506,339511,339566,339625,339719,339776,339830,339884,339938,340108,340164,340263,340279,340284,340365,340418,340470,340522,340534,340576,340662,340715,340809,340863,340878,340970,341022,341074,341088,341108-341112,341189,341254,341312,341314,341366,341379,341435,341529,341664,341704,341717,341806,341809,342061,342223,342276,342328,342380,342383,342435,342484,342487,342545,342602,342661,342769,342869,342927,342990,343047,343102,343157,343181,343220,343276,343281,343336,343375,343577,343621,343637,343690,343791,343851,343936,344048,344102,344157-344158,344215,344268,344330,344385,344439,344536,344539,344608,344661,344715,344769,344823,344835,344837,344843,344899,344965,345062-345063,345160,345163,345219,345273,345285,345370,345431,345487,345546,345682,345828-345829,345923,345976,346030,346086,346144,346147,346239,346292,346472,346564,346697,346700,346762,346899,346951,346954,347006,347058,347111,347131,347166,347239,347292,347369,347438,347531,347595,347718,347811,347995,348101,348154,348157,348212,348310,348362,348401,348464,348516,348647,348735,348833,348888,348940,348992,349044,349144,349194,349289,349339,349450,349482,349504,349529,349558,349672,349728,349731,349819,349872,349968,350023,350679,350730,350733,350736,350788-350789,350837,350885,350888,350975,351027,351080,351130,351182,351233,351284,351287,351306,351396,351450,351504,351559,351611,351618,351707,351759,351858,351860,352014,352016,352029,352090,352144,352199,352230,352291,352367,352424,352511,352514,352551,352612,352643,352704,352755,352807,352862,352955,352959,353077,353126,353175,353260,353320,353368,353371,353454,353502,353550,353598,353720,353769-353770,353867,353915,353999,354116,354216,354263,354348,354492,354495,354542,354545,354547,354655,354702,354749,354835,354889,354953,355009,355056,355136,355182,355228,355268,355319,355365,355448,355458,355529,355574,355608,355622,355732,355746,355793,355850,355901,355904,355949,355952,355997,356107,356214,356290-356337,356430,356475,356521,356604,356650,356677,356797,356917,356963,357093,357212,357266,357352,357356,357386,357407,357416,357455,357490,357575,357665,357761,357809,357811,357894,357940,357986,358011,358029,358115,358162,358214,358260,358278,358377,358435,358438,358484,358530,358643,358810,358859,358943,358978,359050,359053,359056,359059,359069,359088,359110,359116,359157,359211,359259,359344,359356,359451-359452,359457,359486,359508,359558,359609,359656,359706,359809,359892,359979,360033,360086-360087,360138,360262,360309,360356-360357,360360,360363,360413,360471,360474,360488,360574,360625,360712,360862,360884,360933,360987,361040,361090,361142,361201,361210,361269,361329,361332,361380,361403-361412,361471,361558,361606,361657,361705,361753,361803,361854,361955,361972,362079,362082,362151,362201,362204,362253,362304,362354-362355,362359,362362,362428,362485,362536,362586,362677,362680,362729,362815,362868,362997,363102,363106,363141,363209,363375,363428,363687,363730,363788,363875,363934,363986,364046,364060,364108,364203,364258,364277,364340-364341,364578,364635,364649,364706,364769,364786,364840-364841,364899,364902,365006-365068,365143,365159,365298,365313,365398,365474,365476,365574,365631,365692,365896,365989,366048,366052,366094,366167,366240,366296,366389,366409,366547,366597,366740,366791,366880,366882,366944,367002,367027,367266,367292,367362,367416,367469,367678,367730,367781,367906,367976,367980,368039,368092,368218,368308,368405,368469,368498,368520,368533,368567,368586,368604,368625,368644,368719,368738,368759,368807,368830,368852,368873,368894,368898,368927,369001-369002,369043,369066,369108,369146,369195,369214,369235,369238,369258,369262,369282,369302,369323-369324,369327,369351-369352,369390,369436,369471,369490,369557,369579,369626,369652,369708,369731,369750,369792,369818,369869,369937,369970,369993,370014,370017,370081,370131,370183,370205,370252,370273,370275,370360,370383,370428-370429,370494,370563,370618,370642,370666,370697,370769-370771,370797,370856,370900,370923,370952,370985,370988,371011-371012,371060,371089,371141,371198,371201,371270,371306,371337,371357,371392-371393,371436,371469,371544,371590,371662,371690,371718,371747,371782,371787,371824,371860,371888,371919,371961,371998,372015,372048,372089,372158,372185,372212,372239,372339,372354,372390,372417,372444,372471,372517,372554,372581,372620,372624,372628,372655,372682,372709,372736,372763,372765,372804,372840,372902,372932,372959,373024,373061,373090,373131,373165,373236,373242,373298,373342,373424,373438,373467,373500,373504,373532,373550,373578,373617-373618,373640,373652,373666,373702,373705,373735,373768,373773,373815,373848,373878,373909,373945,373989,374032,374177,374230,374335,374365,374384,374426,374456,374475,374479,374536,374570-374581,374686,374727,374758,374802,374843,374905,374977,375025,375059,375074,375111,375146,375189,375216,375272,375299,375325,375361,375388,375415,375450,375484,375528,375594,375625,375658,375698,375727,375758,375793,375800,375862,375893,375964,375993-375994,376029,376058,376087,376142,376166,376199,376232,376262,376306-376307,376340,376389,376428,376469,376521,376586,376627,376657,376688,376725,376758,376788,376834,376864,376868,376901,376919,376950,377037,377069,377073,377104,377135,377165,377256-377257,377398,377431,377487,377509,377557,377591,377623,377655,377704,377708,377740,377771,377806,377837,377840,377847,377881,377922,377946,378036,378088,378092,378119,378217,378269