So, this is not an installer issue. Is this bug raised to the PostgreSQL
community? If yes, you should submit the patch there.


On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai
<anzai-na...@mxu.nes.nec.co.jp>wrote:

> Hi, Asif
>
> Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.
>
> > Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
> code changes, can you please take a look ?. Thanks.
>
> I think your patch is not sufficient to fix.
> Not only "pg_ctl.exe" but "postgres.exe" also have the same problem.
> Even if your patch is attached,
> A Path of "postgres.exe" passed to CreateRestrictedProcess is not enclosed
> in quotation.(See pgwin32_ServiceMain at pg_ctl.c)
>
> So, processing enclosed in quotation should do in both conditions.
>
> Regards,
> Naoya
>
> ---
> Naoya Anzai
> Engineering Department
> NEC Soft, Ltd.
> E-Mail: anzai-na...@mxu.nes.nec.co.jp
> ---
>
>
> > Hi Sandeep,
> >
> > PFA Naoya's patch (pg_ctl.c.patch).
> >
> > Hi Naoya,
> >
> > Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
> code changes, can you please take a look ?. Thanks.
> >
> > Best Regards,
> > Asif Naeem
> >
> >
> > On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar <
> sandeep.thak...@enterprisedb.com> wrote:
> >
> >
> >       Hi Dave
> >
> >       We register the service using pg_ctl. When I manually executed the
> following on the command prompt, I saw that the service path of the
> registered service did not have the pg_ctl.exe path in quotes. May be it
> should be handled in the pg_ctl code.
> >
> >       c:\Users\Sandeep Thakkar\Documents>"c:\Program
> Files\PostgreSQL\9.3\bin\pg_ctl.e
> >       xe" register -N "pg-9.3" -U "NT AUTHORITY\NetworkService" -D
> "c:\Program Files\P
> >       ostgreSQL\9.3\data" -w
> >
> >       Naoya,  I could not find your patch here. Can you please share it
> again?
> >
> >
> >
> >       On Mon, Oct 28, 2013 at 2:53 PM, Dave Page <dp...@pgadmin.org>
> wrote:
> >
> >
> >               Sandeep, can you look at this please? Thanks.
> >
> >               On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem <
> anaeem...@gmail.com> wrote:
> >               > It is related to windows unquoted service path
> vulnerability in the the
> >               > installer that creates service path without quotes that
> make service.exe to
> >               > look for undesirable path for executable.
> >               >
> >               > postgresql-9.3 service path :
> C:/Users/asif/Desktop/Program
> >               > files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3"
> -D
> >               > "C:/Users/asif/Desktop/Program files/9.3/data" -w
> >               >
> >               > service.exe
> >               >>
> >               >> C:\Users\asif\Desktop\Program     NAME NOT FOUND
> >               >> C:\Users\asif\Desktop\Program.exe     NAME NOT FOUND
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
>     ACCESS DENIED
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
>     ACCESS DENIED
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice     NAME
> >               >> NOT FOUND
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice.exe
> >               >> NAME NOT FOUND
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> NAME NOT FOUND
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N.exe
> >               >> NAME NOT FOUND
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3"     NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3".exe     NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D     NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D.exe     NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program NAME
> INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program.exe
> NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data"     NAME
> >               >> INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data".exe
> >               >> NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" -w
> >               >> NAME INVALID
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> >               >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" -w.exe
> >               >> NAME INVALID
> >               >
> >               >
> >               > Fix :
> >               >
> >               > postgresql-9.3 service path :
> "C:/Users/asif/Desktop/Program
> >               > files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3"
> -D
> >               > "C:/Users/asif/Desktop/Program files/9.3/data" -w
> >               >
> >               > It would be good if this is reported on pg installer
> forum or security
> >               > forum. Thanks.
> >               >
> >               > Regards,
> >               > Asif Naeem
> >               >
> >               > On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
> >               > <anzai-na...@mxu.nes.nec.co.jp> wrote:
> >               >>
> >               >> Hi, Asif.
> >               >>
> >               >> Thank you for response.
> >               >>
> >               >>
> >               >> >       C:\Users\asif\Desktop\Program
> files\9.3>"bin\pg_ctl" -D
> >               >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l
> logfile start
> >               >> >       server starting
> >               >>
> >               >> This failure does not occur by the command line.
> >               >> PostgreSQL needs to start by Windows Service.
> >               >>
> >               >> Additionally,In this case,
> >               >> A file "Program" needs to be exist at
> "C:\Users\asif\Desktop\", and
> >               >> "postgres.exe" needs to be exist at
> "C:\Users\asif\Desktop\Program
> >               >> files\9.3\bin".
> >               >> ------------
> >               >> C:\Users\asif\Desktop\Program files\9.3\bin>dir
> >               >> ...
> >               >>     4,435,456   postgres.exe
> >               >>        80,896   pg_ctl.exe
> >               >> ...
> >               >>
> >               >> C:\Users\asif\Desktopp>dir
> >               >> ...
> >               >>             0  Program
> >               >> <DIR>          Program files
> >               >> ...
> >               >> ------------
> >               >>
> >               >> Regards,
> >               >> Naoya
> >               >>
> >               >> > Hi Naoya,
> >               >> >
> >               >> > I am not able to reproduce the problem. Do you mean
> pg windows service
> >               >> > installed by installer is not working or bin\pg_ctl
> binary is not accepting
> >               >> > spaces in the patch ?. Following worked for me i.e.
> >               >> >
> >               >> >
> >               >> >       C:\Users\asif\Desktop\Program
> files\9.3>"bin\pg_ctl" -D
> >               >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l
> logfile start
> >               >> >       server starting
> >               >> >
> >               >> >
> >               >> > Can you please share the exact steps ?. Thanks.
> >               >> >
> >               >> >
> >               >> > Regards,
> >               >> > Muhammad Asif Naeem
> >               >> >
> >               >> >
> >               >> >
> >               >> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai
> >               >> > <anzai-na...@mxu.nes.nec.co.jp> wrote:
> >               >> >
> >               >> >
> >               >> >       Hi All,
> >               >> >
> >               >> >       I have found a case that PostgreSQL Service
> does not start.
> >               >> >       When it happens, the following error appears.
> >               >> >
> >               >> >        "is not a valid Win32 application"
> >               >> >
> >               >> >       This failure occurs when the following
> conditions are true.
> >               >> >
> >               >> >       1. There is "postgres.exe" in any directory
> that contains a space,
> >               >> >          such as "Program Files".
> >               >> >
> >               >> >          e.g.)
> >               >> >          C:\Program Files\PostgreSQL\bin\postgres.exe
> >               >> >
> >               >> >       2. A file using the first white space-delimited
> >               >> >          tokens of that directory as the file name
> exists,
> >               >> >          and there is it in the same hierarchy.
> >               >> >
> >               >> >          e.g.)
> >               >> >          C:\Program     //file
> >               >> >
> >               >> >       "pg_ctl.exe" as PostgreSQL Service creates a
> postgres
> >               >> >       process using an absolute path which indicates
> the
> >               >> >       location of "postgres.exe",but the path is not
> enclosed
> >               >> >       in quotation.
> >               >> >
> >               >> >       Therefore,if the above-mentioned conditions are
> true,
> >               >> >       CreateProcessAsUser(a Windows Function called
> by pg_ctl.exe)
> >               >> >       tries to create a process using the other file
> such
> >               >> >       as "Program", so the service fails to start.
> >               >> >
> >               >> >       Accordingly, I think that the command path
> should be
> >               >> >       enclosed in quotation.
> >               >> >
> >               >> >       I created a patch to fix this failure,
> >               >> >       So could anyone confirm?
> >               >> >
> >               >> >       Regards,
> >               >> >
> >               >> >       Naoya
> >               >> >
> >               >> >       ---
> >               >> >       Naoya Anzai
> >               >> >       Engineering Department
> >               >> >       NEC Soft, Ltd.
> >               >> >       E-Mail: anzai-na...@mxu.nes.nec.co.jp
> >               >> >       ---
> >               >> >
> >               >> >
> >               >> >       --
> >               >> >       Sent via pgsql-hackers mailing list (
> pgsql-hackers@postgresql.org)
> >               >> >       To make changes to your subscription:
> >               >> >
> http://www.postgresql.org/mailpref/pgsql-hackers
> >               >> >
> >               >> >
> >               >> >
> >               >> >
> >               >> >>
> >
> >
> >               --
> >               Dave Page
> >               Blog: http://pgsnake.blogspot.com
> >               Twitter: @pgsnake
> >
> >               EnterpriseDB UK: http://www.enterprisedb.com
> >               The Enterprise PostgreSQL Company
> >
> >
> >
> >
> >
> >       --
> >
> >       Sandeep Thakkar
> >       Senior Software Engineer
> >
> >
> >       Phone: +91.20.30589505 <tel:%2B91.20.30589505>
> >
> >       Website: www.enterprisedb.com
> >       EnterpriseDB Blog: http://blogs.enterprisedb.com/
> >       Follow us on Twitter: http://www.twitter.com/enterprisedb
> >
> >
> >
> >
> >
> >
>
>
>
>


-- 
Sandeep Thakkar
Senior Software Engineer


Phone: +91.20.30589505

Website: www.enterprisedb.com
EnterpriseDB Blog: http://blogs.enterprisedb.com/
Follow us on Twitter: http://www.twitter.com/enterprisedb

Reply via email to