Per the webkit-dev mailing list, certain McAfee Antivirus products report a false-positive when checking out the WebKit source on Windows. http://lists.macosforge.org/pipermail/webkit-dev/2007-July/002152.html http://lists.macosforge.org/pipermail/webkit-dev/2007-July/002155.html They should be evangelized to fix the issue so these false-positives are not reported. If anyone at McAfee is trying to reproduce the issue, they should follow these instructions for checking out source code: http://webkit.org/building/tools.html http://webkit.org/building/checkout.html
Sent email to McAfee customer service regarding this issue. (Updated URL where I found the customer service email form online.)
(In reply to comment #1) > Sent email to McAfee customer service regarding this issue. Dear David Kilzer This is a system-generated email. We have received your online request for support at http://www.mcafeehelp.com. The case number associated with your online request is 23703946. The estimated time it will take us to respond to your issue is 18 hours. Please do not respond to this email. Thank you for using http://www.mcafeehelp.com for all your support needs! Sincerely, McAfee Consumer Support
Technical support case id: 23720981 Free internet chat case id: 23725596
* STEPS TO REPRODUCE 1. Follow the Windows instructions on this page to install Cygwin (Visual Studio/Visual C++ Express are not needed to reproduce the issue): http://webkit.org/building/tools.html 2. Follow the Windows instructions on this page to check out the source code: http://webkit.org/building/checkout.html * EXPECTED RESULTS The entire source code should be checked out without McAfee reporting a virus or a trojan. * ACTUAL RESULTS When HTML files from the "LayoutTests" directory are being checked out, McAfee reports a virus or a trojan in the source code.
Partial transcript from free online chat: [...] David Kilzer: When the WebKit open source project is checked out on Windows with a McAfee antivirus product installed, it reports a trojan when there is no trojan. This is a "false positive" detection. Shinoj U.P.: David, let me know whether you are getting this popup in Macintosh David Kilzer: No new window popped open on my Mac just now. David Kilzer: I have pop-up blocking disabled in the Safari web browser as well. David Kilzer: Steps to reproduce this "false positive" are here: http://bugs.webkit.org/show_bug.cgi?id=14649#c4 Shinoj U.P.: Thank you for the information you provided. Because this might be benificial for us. I will definitely report this to our research team. [...]
Is the issue still replicable?
(In reply to comment #6) > Is the issue still replicable? I was not affected by the issue, only tried to report it on behalf of others. Haven't seen any complaints about it recently, though.
(In reply to comment #7) > I was not affected by the issue, only tried to report it on behalf of others. > Haven't seen any complaints about it recently, though. Just had another report of that here: https://lists.webkit.org/pipermail/webkit-dev/2008-September/005013.html > "LayoutTests\fast\encoding\*\decoder-allow-null-chars.*" as containing > "Exploit-ScriptNull (Trojan)".
http://svn.webkit.org/repository/webkit/trunk/LayoutTests/fast/encoding/decoder-allow-null-chars.html
*** This bug has been marked as a duplicate of bug 14519 ***