Suddenly, an application is no longer able to output ZIP files. An inspection revealed the cause: The first character of the ZIP is a blank, which breaks the ZIP format spec.

To track down this problem, I enabled CStatementTracer, which prints each line of executed code to a log file. Didn't help. [Remark: declare(ticks=1); doesn't seem to trap each line of executed code]

I then set an output handler like so:

```php
function callback( $buffer )  {

    $deb = print_r( debug_backtrace(), TRUE );
    file_put_contents( './statementTrager.log', $deb );

    return $buffer;

}

ob_start("callback", 1 );
```

Unfortunately, this handler isn't called at all.

Q: Does a generic / canonical solution exist that identifies the file / line of PHP code that emits the first character?

A solution that finds the LOC whatever other code gets executed.

Remarks:

  • Not even a single PHP file is closed using ?>

Meanwhile I found the suspicious line of code: A blank in front of a starting

Still, I'd like to get hints regarding a programmatic solution. Preferably a solution written in pure PHP.

SteAp
  • If something suddenly stopped working, the first thing to check is what's changed. First, check if the problem is reproducible on a fresh environment to confirm it is an application, not the 3rd party, then check VCS and find the commit where it stopped working. A blank character may come from the code around php - a space before or after ` – Alex Blex Sep 22 '17 at 08:21
  • `headers_sent(&$file, &$line)`? – nithinTa Sep 22 '17 at 08:28
  • Get rid of any closing `?>` at the end of your files, if no output like HTML follows it. A little whitespace could be output, screwing everything up. – delboy1978uk Sep 22 '17 at 08:34
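
The `headers_sent()` suggestion from the comments, written out as an added example that is not part of the original thread: `headers_sent()` reports the file and line where output started, unless output buffering is still holding the bytes back. The function name `stray_output_origin()` and the temporary include file are constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Describe where stray output came from, or return null if nothing has been
 * emitted yet. Meant to be called right before the ZIP bytes are sent.
 * (Hypothetical helper name, not from the thread.)
 */
function stray_output_origin(): ?string
{
    // Output already left PHP: headers_sent() fills in the file and line
    // where output started.
    if (headers_sent($file, $line)) {
        return sprintf('output started at %s:%d', $file, $line);
    }

    // Output is still held in a buffer (ob_start() or the output_buffering
    // ini setting): headers_sent() stays false, so inspect the buffer.
    // Only the innermost buffer is checked here.
    if (ob_get_level() > 0 && ob_get_length() > 0) {
        $bytes = (string) ob_get_contents();
        return sprintf(
            '%d byte(s) buffered, first byte 0x%02x; origin is hidden by output buffering',
            strlen($bytes),
            ord($bytes[0])
        );
    }

    return null;
}

// Constructed demo: an include file with a blank in front of the opening tag.
$include = tempnam(sys_get_temp_dir(), 'inc');
file_put_contents($include, " <?php\n\$loaded = true;\n");

// Close any active buffers first, so that output is sent as soon as it is
// produced and headers_sent() can record its file and line.
while (ob_get_level() > 0) {
    ob_end_flush();
}

require $include;

$origin = stray_output_origin();
unlink($include);

// error_log() keeps the diagnostic out of the output stream under test.
error_log($origin ?? 'no output before this point');
```

In a real application, only the function and the call before the ZIP is sent are needed; the temporary file stands in for whichever include carries the stray blank.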

1 Answer

https://linux.die.net/man/1/strace is probably the most reliable tool to find out where the output comes from. Assuming you are on Linux. There must be similar tools for other platforms.

Although it will not give you the line of the php code, you can analyse the context of system calls made before and after the offensive character was sent. Usually it is enough to identify where the problem originates.

It is quite a time-consuming process, though. It should be used as a last resort.

Alex Blex
  • Thank you. But probably it outputs a bit too much information. Unfortunately, I'm on Windows right now. Nevertheless a good hint! – SteAp Sep 22 '17 at 09:56