Hi Dave We register the service using pg_ctl. When I manually executed the following on the command prompt, I saw that the service path of the registered service did not have the pg_ctl.exe path in quotes. May be it should be handled in the pg_ctl code.
*c:\Users\Sandeep Thakkar\Documents>*"c:\Program Files\PostgreSQL\9.3\bin\pg_ctl.e xe" register -N "pg-9.3" -U "NT AUTHORITY\NetworkService" -D "c:\Program Files\P ostgreSQL\9.3\data" -w Naoya, I could not find your patch here. Can you please share it again? On Mon, Oct 28, 2013 at 2:53 PM, Dave Page <dp...@pgadmin.org> wrote: > Sandeep, can you look at this please? Thanks. > > On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem <anaeem...@gmail.com> wrote: > > It is related to windows unquoted service path vulnerability in the the > > installer that creates service path without quotes that make service.exe > to > > look for undesirable path for executable. > > > > postgresql-9.3 service path : C:/Users/asif/Desktop/Program > > files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3" -D > > "C:/Users/asif/Desktop/Program files/9.3/data" -w > > > > service.exe > >> > >> C:\Users\asif\Desktop\Program NAME NOT FOUND > >> C:\Users\asif\Desktop\Program.exe NAME NOT FOUND > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice > NAME > >> NOT FOUND > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe > >> NAME NOT FOUND > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> NAME NOT FOUND > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe > >> NAME NOT FOUND > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3".exe NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D.exe NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program.exe NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" > NAME > >> INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data".exe > >> NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" -w > >> NAME INVALID > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" > -w.exe > >> NAME INVALID > > > > > > Fix : > > > > postgresql-9.3 service path : "C:/Users/asif/Desktop/Program > > files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3" -D > > "C:/Users/asif/Desktop/Program files/9.3/data" -w > > > > It would be good if this is reported on pg installer forum or security > > forum. Thanks. > > > > Regards, > > Asif Naeem > > > > On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai > > <anzai-na...@mxu.nes.nec.co.jp> wrote: > >> > >> Hi, Asif. > >> > >> Thank you for response. > >> > >> > >> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D > >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start > >> > server starting > >> > >> This failure does not occur by the command line. > >> PostgreSQL needs to start by Windows Service. > >> > >> Additionally,In this case, > >> A file "Program" needs to be exist at "C:\Users\asif\Desktop\", and > >> "postgres.exe" needs to be exist at "C:\Users\asif\Desktop\Program > >> files\9.3\bin". > >> ------------ > >> C:\Users\asif\Desktop\Program files\9.3\bin>dir > >> ... > >> 4,435,456 postgres.exe > >> 80,896 pg_ctl.exe > >> ... > >> > >> C:\Users\asif\Desktopp>dir > >> ... > >> 0 Program > >> <DIR> Program files > >> ... > >> ------------ > >> > >> Regards, > >> Naoya > >> > >> > Hi Naoya, > >> > > >> > I am not able to reproduce the problem. Do you mean pg windows service > >> > installed by installer is not working or bin\pg_ctl binary is not > accepting > >> > spaces in the patch ?. Following worked for me i.e. > >> > > >> > > >> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D > >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start > >> > server starting > >> > > >> > > >> > Can you please share the exact steps ?. Thanks. > >> > > >> > > >> > Regards, > >> > Muhammad Asif Naeem > >> > > >> > > >> > > >> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai > >> > <anzai-na...@mxu.nes.nec.co.jp> wrote: > >> > > >> > > >> > Hi All, > >> > > >> > I have found a case that PostgreSQL Service does not start. > >> > When it happens, the following error appears. > >> > > >> > "is not a valid Win32 application" > >> > > >> > This failure occurs when the following conditions are true. > >> > > >> > 1. There is "postgres.exe" in any directory that contains a > space, > >> > such as "Program Files". > >> > > >> > e.g.) > >> > C:\Program Files\PostgreSQL\bin\postgres.exe > >> > > >> > 2. A file using the first white space-delimited > >> > tokens of that directory as the file name exists, > >> > and there is it in the same hierarchy. > >> > > >> > e.g.) > >> > C:\Program //file > >> > > >> > "pg_ctl.exe" as PostgreSQL Service creates a postgres > >> > process using an absolute path which indicates the > >> > location of "postgres.exe",but the path is not enclosed > >> > in quotation. > >> > > >> > Therefore,if the above-mentioned conditions are true, > >> > CreateProcessAsUser(a Windows Function called by pg_ctl.exe) > >> > tries to create a process using the other file such > >> > as "Program", so the service fails to start. > >> > > >> > Accordingly, I think that the command path should be > >> > enclosed in quotation. > >> > > >> > I created a patch to fix this failure, > >> > So could anyone confirm? > >> > > >> > Regards, > >> > > >> > Naoya > >> > > >> > --- > >> > Naoya Anzai > >> > Engineering Department > >> > NEC Soft, Ltd. > >> > E-Mail: anzai-na...@mxu.nes.nec.co.jp > >> > --- > >> > > >> > > >> > -- > >> > Sent via pgsql-hackers mailing list ( > pgsql-hackers@postgresql.org) > >> > To make changes to your subscription: > >> > http://www.postgresql.org/mailpref/pgsql-hackers > >> > > >> > > >> > > >> > > >> > > >> > >> 以上、よろしくお願い致します。 > >> > >> -------------------------------------------------------- > >> NECソフト株式会社 > >> PFシステム事業部 テーマソフト開発G > >> 安西 直也 > >> > >> 外線(03)5534-2353 > >> 内線(8)57-40364 > >> Mail:NES-N2363 > >> E-mail:anzai-na...@mxu.nes.nec.co.jp > >> -------------------------------------------------------- > >> ≪本メールの取り扱い≫ > >> ・区分:秘密 > >> ・開示:必要最小限で可 > >> ・持出:禁止 > >> ・期限:無期限 > >> ・用済後:廃棄 > >> > >> > >> > > > > -- > Dave Page > Blog: http://pgsnake.blogspot.com > Twitter: @pgsnake > > EnterpriseDB UK: http://www.enterprisedb.com > The Enterprise PostgreSQL Company > -- Sandeep Thakkar Senior Software Engineer Phone: +91.20.30589505 Website: www.enterprisedb.com EnterpriseDB Blog: http://blogs.enterprisedb.com/ Follow us on Twitter: http://www.twitter.com/enterprisedb
