.. _contrib: ++++++++++++++++++++++++++++++++++ My Contributions to Free Softwares ++++++++++++++++++++++++++++++++++ See also my :ref:`projects ` and my :ref:`contributions to Python `. Contributions in 2016 ===================== * Fedora Cloud Image, bug reports: * https://bugzilla.redhat.com/show_bug.cgi?id=1405391 * https://fedorahosted.org/fedora-websites/ticket/415 * testrepository * PR `Fix two ResourceWarning warnings `_ * Issue `Subprocesses pipes (stdout, stderr) are not explicitly closed: ResourceWarning warnings are logged `_ * pip * Issue: `pip should use the distro module: platform.linux_distribution() has been deprecated in Python 3.5 `_ * PR: `Fix a ResourceWarning in setuptools_build `_ * setuptools * `Don't use deprecated 'U' flag to read manifest `_ * python-json-patch * `Use inspect.signature() on Python 3 `_ * `Add tox.ini `__ * numpy * `Use PyMem_RawMalloc on Python 3.4 and newer `_ * `Assertion error when running tests on Python 3.6 compiled in debug mode `_ * https://github.com/numpy/numpy/issues/7360 * eventlet: * PR #303: `Add hubs.default_clock and use time.monotonic `_ * Bug report: `Python 3: wsgi doesn't handle correctly partial write of socket send() when using writelines() `_ Contributions in 2015 ===================== * monotonic * `clock_gettime() is not thread-safe `_ * `Don't use CLOCK_MONOTONIC_RAW #13 `_ * both merged into monotonic 0.5 released at 2015-12-27 * routes: - `Add tox.ini `__ - `Fix BytesWarning in Mapper.generate() `_ * pep8: `fix BytesWarning on Python 3 `_ * eventlet: Python 3 patches - PR #275: `Issue #274: Fix GreenSocket.recv_into() `_. Issue: `On Python 3, sock.makefile('rb').readline() doesn't handle blocking errors correctly `_ - PR #257: `Fix GreenFileIO.readall() for regular file `_ - `Issue #248: eventlet.monkey_patch() on Python 3.4 makes stdout non-blocking `_: pull request `Fix GreenFileIO.write() `_ - `Issue #230: Fix patcher.original, don't load a module twice when eventlet monkey-patched is not used `_ - `tox 1.8 or newer is required `_ - `Fix threading monkey-patching on Python 3.4 `_ - `Fix threading.Condition with monkey-patching on Python 3.3 and newer #187 `_ on Python 3.3 and newer when monkey patching is used) Contributions in 2014 ===================== * pip: `Fix issue #1433: parse requirements in markers #1472 `_. Since pip 6.0, it is possible to write ``futures; python_version < '2.7'`` in requirements.txt. Feature very useful to specify requirements specific to Python 2, or only for an old Python version. * eventlet: Python 3 patches - `Fix monkey-patched os.open(): add dir_fd parameter #170 `_ - `enhance socketpair code in tpool #167 `_ - `Fix monkey_patch() on Python 3 #168 `_ * Mercurial bug reports: - `Bug 4516 - Rename information lost after merge+edit+commit amend `_ - `Bug 4306 - histedit blocked if i exchange and edit a commit (unknown revision / no node) `_ Old Work (2004-2008) ==================== First, see my :ref:`old projects `. Accepted patches in other projects ---------------------------------- * 2008-05-08, *PyPy*: modules pwd et syslog implémentés avec ctypes (bon maintenant j'ai un compte Subversion chez PyPy, alors j'accepte mes propres contrib' :-)) * 2008-03-05, *PyPy*: `_locale module implementation in ctypes `_ * 2008-02-21, *PyPy*: `resource module implementation using ctypes `_ * 2007-12-03, *Apache*: `Fix XSS in error page #413 `_. Voir le `commit dans Subversion `_. * 2006-09-06, *PyPy*: `Corrige le module codec pour la casse des charsets `_ (pour être compatible avec CPython) * 2006-08-21, *urwid*: `Patch ''setuptools'' `_ (appliqué dans la version 0.9.6) * 2006-04-27, *Dia* : http://bugzilla.gnome.org/show_bug.cgi?id=334771 Patch qui corrige un plantage alétoire lors du "dégroupage" d'un objet] (appliqué dans Dia 0.95) * 2005-06-16, *Gnome* : `Patch pour libgnomeui `_. Nautilus utilisait 500 Mo de mémoire pour générer une miniature d'une image SVG de 28 Ko ! Mon patch limite au maximum le gaspillage de mémoire. (appliqué dans la version 2.11) Pending patches --------------- * 2008-07-07, *PHP*: `count_chars() crashs if both arguments are the same reference `_ * 2007-08-16, *yui*: `container css: "cursor: pointer" instead of "cursor: hand" `_ INL/EdenWall ============ During my work at INL/EdenWall, I contributed to many open source softwares: * 2007, iptables: `#7080: Don't silenty exit on failure to open /proc/net/{ip,ip6}_tables_names `_ * libnfnetlink: `#6741: fix autogen.sh (sh syntax for string comparaison) `_ * libnetfilter_conntrack: `#6721: fix a crash on setting the counters of a conntrack, implement getter for the ATTR_USE attribute `_ * 2006, libnetfilter_conntrack: `#6719: Fix XML output syntax `_ * libnfnetlink: `#6718: Initialize callback structure `_ * libnetfilter_conntrack: `#6716: Fix new API test program (replace ntohs by htons), introduce NFCT_O_PLAIN flag `_ * gcrypt (july 2006): `Fix missing initializer warning in gcrypt.h `_ * `Microoptimize destruction of unused statitically initialized mutexes `_ * 2005, (lxml library) `Invalid use of xmlIO: crash on xmlCharEncCloseFunc() `_ * (CPython) `Bugfix for crashes on low-memory conditions `_ * (Python ctypes) `ctypes: wrong calling convention for _string_at `_. See `issue #3554 `_, 3900 was a duplicate of this bug :-/ * `PHP `_: `bug report #42817 `_ * `Dia `_: `Bug #334771 (Ungroup crashes) `_ fixed * `libc `_: Bug report made by Victor Stinner: `vfprintf() segfault with multibyte string and long precision `_. Ulrich Drepper fixed the bug: see `vfprintf patch v1.136 `_ Security vulnerabilities: * 2007-05-22: `CVE-2007-2754 `_: FreeType Integer Overflow in TT_Load_Simple_Glyph() * 2007-05-11: `CVE-2007-2650 `_: ClamAV OLE2 Parser Denial of Service * 2007-05-10: `CVE-2007-2645 `_: Libexif Integer Overflow Vulnerability in exif_data_load_data_entry() Fuzzing ======= Thanks to my project `Fusil `_, I found and sometimes fixed many bugs in various softwares. See the `list of crashes found by Fusil `_. Bug reports =========== Fixed: * 2007-05-07, *ImageMagick*: `Crash in EXIF parser with invalid IFD count `_. The file also crash gwenview application. * 2007-04-30, *libc*: `vfprintf() segfault with multibyte string and long precision `_. - Le bug a été corrigé par Ulrich Drepper : `patch vfprintf v1.136 `_ - `Rapport de bug Fedora Core `_ - `Rapport de bug Debian `_ * 2007-04-28, *FreeType*: `Another bug in TTF (cmap) `_, voir le `patch sfnt/sfobjs.c version 1.128 `_ * 2007-04-27, *FreeType*: `Bug in fuzzed TTF file `_. Voir le `patch (dans CVS) `_. Open: * 2008-02-21: *PyPy*, `large-file support and file.seek() `_ * 2008-01-28: *Firefox*, `Venkman crashs on profiling after clearing profile data `_ * 2008-01-28: *command-not-found*, `phpize is missing from program.d database `_ * 2007-10-01: *PHP*, `buffer under- and overflow on clone(null)+array_push() `_ - `Diff sur zend_vm_execute.h `_ - Tests de non regression : `bug36071.phpt `_, `bug42817.phpt `_, `bug42818.phpt `_ * 2007-07-05, *ClamAV*: - `#561: OLE2: Long (slow) loop in ole2_walk_property_tree() with huge prop_index value `_ - `#560: bitset_realloc() is not atomic `_ (avec patch et testcase) - `#559: OLE2: Allocate too much memory with invalid file `_ (avec patch et testcase) * 2007-04-18, *ClamAV*: `Bug in OLE2 file parser `_ (DoS found with fuzzing), dans bugzilla: `Bug #466 `_ (fermé au public) * 2007-04-20, *ImageMagick*: `Bug report in TGA and XCF files `_ (DoS found with fuzzing) * 2005-06-16, *gdb* : `Display libc function names instead of address? `_ Other ===== * I contributed to some articles on the french Wikipedia, like: `Sténographie `_.