[SR-3147] Trojan found in swift-lldb source #4578
Comments
|
I'm pretty sure this is bogus. It's a test file. But just in case…jingham@apple.com (JIRA User) |
|
Comment by Jim Ingham (JIRA) I forwarded this to lldb-dev where most of the Windows developers of lldb hang out. I'll relay back if I hear anything. |
|
Comment by Jim Ingham (JIRA) Zachary says: The source code is here: And it definitely does nothing. Most of these AV are heuristic, it's probably suspicious about the fact that it's linked with unusual settings (ie /nodefaultlib) which we did in order to minimize the binary size (the pdb is quite large if we don't do this) |
|
Comment by Jim Ingham (JIRA) This is a slightly odd do nothing test program. It is fooling some AV program, but we don't want to have it do more than nothing to work around the AV identification or the file will get considerably bigger. |
Additional Detail from JIRA
md5: e30719da8abaa133d7d8a1bfb98694d2
Issue Description:
I'm using ClamAV on my computer, and it found this file:
swift-lldb/unittests/SymbolFile/PDB/Inputs/test-pdb.exe: Win.Trojan.Agent-1817571 FOUND
Beyond this, I know nothing else about the problem.
The text was updated successfully, but these errors were encountered: