Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-29 Thread Tom Lane
Rajeev rastogi <rajeev.rast...@huawei.com> writes:
> OK. Then I am moving it to ready for committer.

I've committed this patch.  I added a make_native_path() call to fix the
slashes-versus-backslashes issue noted by Christian Ullrich, since that
was an easy one-line addition.  I didn't do anything about the
relative-path-for-the-data-directory issue.  That would take a bit more
code and I'm not certain that we've fully analyzed the implications of
changing it.  In any case it seems like a completely separate issue from
getting the executable pathname right.

Thanks for all your work on this!  This code's been busted for a long
while ...

regards, tom lane


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers


Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-29 Thread Andrew Dunstan


On 11/29/2013 06:43 PM, Tom Lane wrote:
> Rajeev rastogi <rajeev.rast...@huawei.com> writes:
>> OK. Then I am moving it to ready for committer.
>
> I've committed this patch.  I added a make_native_path() call to fix the
> slashes-versus-backslashes issue noted by Christian Ullrich, since that
> was an easy one-line addition.



I don't mind changing this, but IMNSHO it's not a bug. The program 
that's reported to fail with the old use of mixed separators is the one 
with the bug. But changing it costs us little.



cheers

andrew




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-29 Thread Tom Lane
Andrew Dunstan <and...@dunslane.net> writes:
> On 11/29/2013 06:43 PM, Tom Lane wrote:
>> I've committed this patch.  I added a make_native_path() call to fix the
>> slashes-versus-backslashes issue noted by Christian Ullrich, since that
>> was an easy one-line addition.
>
> I don't mind changing this, but IMNSHO it's not a bug. The program
> that's reported to fail with the old use of mixed separators is the one
> with the bug. But changing it costs us little.

Yeah, no doubt, but we're certainly swimming against the tide by not
following the platform convention.

regards, tom lane




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-27 Thread Naoya Anzai
Hi, Rajeev

>> I tested the latest patch. My observation is:
>> If we give relative data directory path while registering the
>> service, then service start fails.
>> But same works if the data directory is absolute path.
>>
>> Looks like an existing issue. May be we need to internally
>> convert relative data path to absolute.
>
> Since the mentioned issue is an existing issue and not because of this patch.
> So can we take that as separate defect and fix. If so, then I can
> move this patch to ready for committer.

I think so too.
In boot by Service, CurrentDirectory seems to be C:/Windows/system32.
So, you have to set a relative data directory path that the starting point to
be C:/Windows/system32.

> Thanks and Regards,
> Kumar Rajeev Rastogi

Regards,

Naoya

---
Naoya Anzai
Engineering Department
NEC Soft, Ltd.
E-Mail: anzai-na...@mxu.nes.nec.co.jp
---




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-27 Thread Rajeev rastogi
On 27 November 2013, Naoya Anzai wrote:
> Hi, Rajeev
>
>>> I tested the latest patch. My observation is:
>>> If we give relative data directory path while registering the
>>> service, then service start fails.
>>> But same works if the data directory is absolute path.
>>>
>>> Looks like an existing issue. May be we need to internally
>>> convert relative data path to absolute.
>>
>> Since the mentioned issue is an existing issue and not because of
>> this patch.
>> So can we take that as separate defect and fix. If so, then I can
>> move this patch to ready for committer.
>
> I think so too.
> In boot by Service, CurrentDirectory seems to be C:/Windows/system32.
> So, you have to set a relative data directory path that the starting
> point to be C:/Windows/system32.

OK. Then I am moving it to ready for committer.




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-26 Thread Rajeev rastogi
On 25 November 2013, Rajeev Rastogi Wrote:
>>> One suggestion:
>>> Instead of using sizeof(cmdLine),
>>> a. Can't we use strlen  (hence small 'for' loop).
>>> b. Or use memmove to move one byte.
>>
>> I looked at this patch a bit.  I agree that we need to fix
>> pgwin32_CommandLine to double-quote the executable name, but it needs
>> a great deal more work than that :-(.  Whoever wrote this code was
>> apparently unacquainted with the concept of buffer overrun.  It's not
>> going to be hard at all to crash pg_ctl with overlength arguments.
>> I'm not sure that that amounts to a security bug, but it's certainly
>> bad.
>>
>> After some thought it seems like the most future-proof fix is to not
>> use a fixed-length buffer for the command string at all.  The attached
>> revised patch switches it over to using a PQExpBuffer instead, which
>> is pretty much free since we're relying on libpq anyway in this
>> program.
>> (We still use a fixed-length buffer for the program path, which is OK
>> because that's what find_my_exec and find_other_exec expect.)
>>
>> In addition, I fixed it to append .exe in both cases not just the one.
>>
>> I'm not in a position to actually test this, but it does compile
>> without warnings.
>
> I tested the latest patch. My observation is:
> If we give relative data directory path while registering the
> service, then service start fails.
> But same works if the data directory is absolute path.
>
> Looks like an existing issue. May be we need to internally
> convert relative data path to absolute.

Since the mentioned issue is an existing issue and not because of this patch.
So can we take that as separate defect and fix. If so, then I can 
move this patch to ready for committer.

Thanks and Regards,
Kumar Rajeev Rastogi





Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-25 Thread Rajeev rastogi
On 24 November 2013, Tom Lane Wrote:
>> One suggestion:
>> Instead of using sizeof(cmdLine),
>> a. Can't we use strlen  (hence small 'for' loop).
>> b. Or use memmove to move one byte.
>
> I looked at this patch a bit.  I agree that we need to fix
> pgwin32_CommandLine to double-quote the executable name, but it needs a
> great deal more work than that :-(.  Whoever wrote this code was
> apparently unacquainted with the concept of buffer overrun.  It's not
> going to be hard at all to crash pg_ctl with overlength arguments.  I'm
> not sure that that amounts to a security bug, but it's certainly bad.
>
> After some thought it seems like the most future-proof fix is to not
> use a fixed-length buffer for the command string at all.  The attached
> revised patch switches it over to using a PQExpBuffer instead, which is
> pretty much free since we're relying on libpq anyway in this program.
> (We still use a fixed-length buffer for the program path, which is OK
> because that's what find_my_exec and find_other_exec expect.)
>
> In addition, I fixed it to append .exe in both cases not just the one.
>
> I'm not in a position to actually test this, but it does compile
> without warnings.

I tested the latest patch. My observation is:
If we give relative data directory path while registering the service, 
then service start fails.
But same works if the data directory is absolute path.

Looks like an existing issue. May be we need to internally convert 
relative data path to absolute.

Thanks and Regards,
Kumar Rajeev Rastogi




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-23 Thread Tom Lane
Rajeev rastogi <rajeev.rast...@huawei.com> writes:
> One suggestion:
> Instead of using sizeof(cmdLine),
>   a. Can't we use strlen  (hence small 'for' loop).
>   b. Or use memmove to move one byte.

I looked at this patch a bit.  I agree that we need to fix
pgwin32_CommandLine to double-quote the executable name, but it needs a
great deal more work than that :-(.  Whoever wrote this code was
apparently unacquainted with the concept of buffer overrun.  It's not
going to be hard at all to crash pg_ctl with overlength arguments.  I'm
not sure that that amounts to a security bug, but it's certainly bad.

After some thought it seems like the most future-proof fix is to not
use a fixed-length buffer for the command string at all.  The attached
revised patch switches it over to using a PQExpBuffer instead, which is
pretty much free since we're relying on libpq anyway in this program.
(We still use a fixed-length buffer for the program path, which is OK
because that's what find_my_exec and find_other_exec expect.)

In addition, I fixed it to append .exe in both cases not just the one.

I'm not in a position to actually test this, but it does compile
without warnings.

regards, tom lane

diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c
index 8399cdd..dd80719 100644
*** a/src/bin/pg_ctl/pg_ctl.c
--- b/src/bin/pg_ctl/pg_ctl.c
***
*** 18,24 
--- 18,26 
  #endif
  
  #include postgres_fe.h
+ 
  #include libpq-fe.h
+ #include pqexpbuffer.h
  
  #include fcntl.h
  #include locale.h
*** pgwin32_IsInstalled(SC_HANDLE hSCM)
*** 1238,1253 
  static char *
  pgwin32_CommandLine(bool registration)
  {
! 	static char cmdLine[MAXPGPATH];
  	int			ret;
  
- #ifdef __CYGWIN__
- 	char		buf[MAXPGPATH];
- #endif
- 
  	if (registration)
  	{
! 		ret = find_my_exec(argv0, cmdLine);
  		if (ret != 0)
  		{
  			write_stderr(_(%s: could not find own program executable\n), progname);
--- 1240,1252 
  static char *
  pgwin32_CommandLine(bool registration)
  {
! 	PQExpBuffer cmdLine = createPQExpBuffer();
! 	char		cmdPath[MAXPGPATH];
  	int			ret;
  
  	if (registration)
  	{
! 		ret = find_my_exec(argv0, cmdPath);
  		if (ret != 0)
  		{
  			write_stderr(_(%s: could not find own program executable\n), progname);
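Review bot: pgwin32_CommandLine still returns char *, but at the top of the new version cmdLine is a PQExpBuffer obtained from createPQExpBuffer() in place of the old static array, and nothing on the lines shown checks that result. createPQExpBuffer() can return NULL on out-of-memory, so a PQExpBufferBroken(cmdLine) test before the buffer's contents are handed back would cover both that and a failed append. A comment above the function should also say that each call now allocates and who, if anyone, frees the buffer, since callers previously received a pointer to static storage.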
*** pgwin32_CommandLine(bool registration)
*** 1257,1263 
  	else
  	{
  		ret = find_other_exec(argv0, postgres, PG_BACKEND_VERSIONSTR,
! 			  cmdLine);
  		if (ret != 0)
  		{
  			write_stderr(_(%s: could not find postgres program executable\n), progname);
--- 1256,1262 
  	else
  	{
  		ret = find_other_exec(argv0, postgres, PG_BACKEND_VERSIONSTR,
! 			  cmdPath);
  		if (ret != 0)
  		{
  			write_stderr(_(%s: could not find postgres program executable\n), progname);
*** pgwin32_CommandLine(bool registration)
*** 1267,1320 
  
  #ifdef __CYGWIN__
  	/* need to convert to windows path */
  #if CYGWIN_VERSION_DLL_MAJOR = 1007
! 	cygwin_conv_path(CCP_POSIX_TO_WIN_A, cmdLine, buf, sizeof(buf));
  #else
! 	cygwin_conv_to_full_win32_path(cmdLine, buf);
  #endif
! 	strcpy(cmdLine, buf);
  #endif
  
  	if (registration)
! 	{
! 		if (pg_strcasecmp(cmdLine + strlen(cmdLine) - 4, .exe) != 0)
! 		{
! 			/* If commandline does not end in .exe, append it */
! 			strcat(cmdLine, .exe);
! 		}
! 		strcat(cmdLine,  runservice -N \);
! 		strcat(cmdLine, register_servicename);
! 		strcat(cmdLine, \);
! 	}
  
  	if (pg_config)
! 	{
! 		strcat(cmdLine,  -D \);
! 		strcat(cmdLine, pg_config);
! 		strcat(cmdLine, \);
! 	}
  
  	if (registration  do_wait)
! 		strcat(cmdLine,  -w);
  
  	if (registration  wait_seconds != DEFAULT_WAIT)
! 		/* concatenate */
! 		sprintf(cmdLine + strlen(cmdLine),  -t %d, wait_seconds);
  
  	if (registration  silent_mode)
! 		strcat(cmdLine,  -s);
  
  	if (post_opts)
  	{
- 		strcat(cmdLine,  );
- 		if (registration)
- 			strcat(cmdLine,  -o \);
- 		strcat(cmdLine, post_opts);
  		if (registration)
! 			strcat(cmdLine, \);
  	}
  
! 	return cmdLine;
  }
  
  static void
--- 1266,1319 
  
  #ifdef __CYGWIN__
  	/* need to convert to windows path */
+ 	{
+ 		char		buf[MAXPGPATH];
+ 
  #if CYGWIN_VERSION_DLL_MAJOR = 1007
! 		cygwin_conv_path(CCP_POSIX_TO_WIN_A, cmdPath, buf, sizeof(buf));
  #else
! 		cygwin_conv_to_full_win32_path(cmdPath, buf);
  #endif
! 		strcpy(cmdPath, buf);
! 	}
  #endif
  
+ 	/* if path does not end in .exe, append it */
+ 	if (strlen(cmdPath)  4 ||
+ 		pg_strcasecmp(cmdPath + strlen(cmdPath) - 4, .exe) != 0)
+ 		snprintf(cmdPath + strlen(cmdPath), sizeof(cmdPath) - strlen(cmdPath),
+  .exe);
+ 
+ 	/* be sure to double-quote the executable's name in the command */
+ 	appendPQExpBuffer(cmdLine, \%s\, cmdPath);
+ 
+ 	/* append assorted switches to the command line, as needed */
+ 
  	if (registration)
! 		appendPQExpBuffer(cmdLine,  runservice -N \%s\,
! 		  register_servicename);
  
  	if (pg_config)
! 		appendPQExpBuffer(cmdLine,  -D \%s\, pg_config);
  
  	if 
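Review bot: the switches appended after the executable name wrap register_servicename and pg_config in double quotes with no escaping, so a value that contains a double quote, or a data directory that ends in a backslash, changes where the quoted argument ends when Windows parses the line back into arguments. Either reject such values before building the command or escape them as they are appended. Two smaller points in the same hunk: the snprintf that appends .exe to cmdPath truncates silently when the path is within four bytes of MAXPGPATH, so its return value should be checked and treated like the find_my_exec failure; and in the #else Cygwin branch cygwin_conv_to_full_win32_path() is given no length for buf, so the strcpy back into cmdPath relies on the converted path fitting in MAXPGPATH.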

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-22 Thread Rajeev rastogi
On 11 November 2013, Naoya Anzai Wrote:
> Hi Amit,
>
>> I have uploaded your patch for next commit fest, hope you can support
>> it if there is any feedback for your patch by reviewer/committer.
> Thanks! Okay, I will support you.

1. Patch applies cleanly to master HEAD.
2. No Compilation Warning.
3. It works as per the patch expectation.

One suggestion:
Instead of using sizeof(cmdLine),
a. Can't we use strlen  (hence small 'for' loop).
b. Or use memmove to move one byte. 

Thanks and Regards,
Kumar Rajeev Rastogi




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-10 Thread Naoya Anzai
Hi Amit,

> I have uploaded your patch for next commit fest, hope you can support
> it if there is any feedback for your patch by reviewer/committer.
Thanks! Okay, I will support you.

Best Regards,
Naoya

 Hi Naoya,
 
 On Thu, Oct 31, 2013 at 5:42 PM, Robert Haas robertmh...@gmail.com wrote:
  On Thu, Oct 31, 2013 at 1:44 AM, Asif Naeem anaeem...@gmail.com wrote:
  On Thu, Oct 31, 2013 at 10:17 AM, Amit Kapila amit.kapil...@gmail.com
  wrote:
 
  On Tue, Oct 29, 2013 at 12:46 PM, Naoya Anzai
  anzai-na...@mxu.nes.nec.co.jp wrote:
   Hi Sandeep
  
   I think, you should change the subject line  to Unquoted service path
   containing space is vulnerable and can be exploited on Windows to get 
   the
   attention..  :)
   Thank you for advice!
   I'll try to post to pgsql-bugs again.
 
  I could also reproduce this issue. The situation is very rare such
  that an exe with name same as first part of directory should exist
  in installation path.
 
 
  If one of the committers who is knowledgeable about Windows has time
  to apply this *before* the next CommitFest, that's obviously great.
  But the purpose of adding a link to the next CommitFest is to provide
  a backstop, so that we're not relying solely on someone to notice this
  email thread and pick it up, but instead have the patch as part of a
  list of patches needing review.
 
 I have uploaded your patch for next commit fest, hope you can support
 it if there is any feedback for your patch by reviewer/committer.
 
 With Regards,
 Amit Kapila.
 EnterpriseDB: http://www.enterprisedb.com
 
 
 

Regards,

Naoya

---
Naoya Anzai
Engineering Department
NEC Soft, Ltd.
E-Mail: anzai-na...@mxu.nes.nec.co.jp
---






Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-11-09 Thread Amit Kapila
Hi Naoya,

On Thu, Oct 31, 2013 at 5:42 PM, Robert Haas robertmh...@gmail.com wrote:
 On Thu, Oct 31, 2013 at 1:44 AM, Asif Naeem anaeem...@gmail.com wrote:
 On Thu, Oct 31, 2013 at 10:17 AM, Amit Kapila amit.kapil...@gmail.com
 wrote:

 On Tue, Oct 29, 2013 at 12:46 PM, Naoya Anzai
 anzai-na...@mxu.nes.nec.co.jp wrote:
  Hi Sandeep
 
  I think, you should change the subject line  to Unquoted service path
  containing space is vulnerable and can be exploited on Windows to get 
  the
  attention..  :)
  Thank you for advice!
  I'll try to post to pgsql-bugs again.

 I could also reproduce this issue. The situation is very rare such
 that an exe with name same as first part of directory should exist
 in installation path.


 If one of the committers who is knowledgeable about Windows has time
 to apply this *before* the next CommitFest, that's obviously great.
 But the purpose of adding a link to the next CommitFest is to provide
 a backstop, so that we're not relying solely on someone to notice this
 email thread and pick it up, but instead have the patch as part of a
 list of patches needing review.

I have uploaded your patch for next commit fest, hope you can support
it if there is any feedback for your patch by reviewer/committer.

With Regards,
Amit Kapila.
EnterpriseDB: http://www.enterprisedb.com




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-31 Thread Sandeep Thakkar
Services are started with the system privileges. If somebody is able to
place that .exe in the specified directory, then it will be executed on
service start. So, yes, I too agree with Asif that it is an important issue
and should be fixed in the code at the earliest.


On Thu, Oct 31, 2013 at 11:14 AM, Asif Naeem anaeem...@gmail.com wrote:

 On Thu, Oct 31, 2013 at 10:17 AM, Amit Kapila amit.kapil...@gmail.comwrote:

 On Tue, Oct 29, 2013 at 12:46 PM, Naoya Anzai
 anzai-na...@mxu.nes.nec.co.jp wrote:
  Hi Sandeep
 
  I think, you should change the subject line  to Unquoted service path
 containing space is vulnerable and can be exploited on Windows to get the
 attention..  :)
  Thank you for advice!
  I'll try to post to pgsql-bugs again.

 I could also reproduce this issue. The situation is very rare such
 that an exe with name same as first part of directory should exist
 in installation path.


 I believe it is a security risk with bigger impact as it is related to
 Windows environment and as installers rely on it.


 I suggest you can post your patch in next commit fest.


 Yes. Are not vulnerabilities/security risk's taken care of more urgent
 bases ?


 With Regards,
 Amit Kapila.
 EnterpriseDB: http://www.enterprisedb.com





-- 
Sandeep Thakkar




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-31 Thread Robert Haas
On Thu, Oct 31, 2013 at 1:44 AM, Asif Naeem anaeem...@gmail.com wrote:
 On Thu, Oct 31, 2013 at 10:17 AM, Amit Kapila amit.kapil...@gmail.com
 wrote:

 On Tue, Oct 29, 2013 at 12:46 PM, Naoya Anzai
 anzai-na...@mxu.nes.nec.co.jp wrote:
  Hi Sandeep
 
  I think, you should change the subject line  to Unquoted service path
  containing space is vulnerable and can be exploited on Windows to get the
  attention..  :)
  Thank you for advice!
  I'll try to post to pgsql-bugs again.

 I could also reproduce this issue. The situation is very rare such
 that an exe with name same as first part of directory should exist
 in installation path.


 I believe it is a security risk with bigger impact as it is related to
 Windows environment and as installers rely on it.


 I suggest you can post your patch in next commit fest.


 Yes. Are not vulnerabilities/security risk's taken care of more urgent bases
 ?

If one of the committers who is knowledgeable about Windows has time
to apply this *before* the next CommitFest, that's obviously great.
But the purpose of adding a link to the next CommitFest is to provide
a backstop, so that we're not relying solely on someone to notice this
email thread and pick it up, but instead have the patch as part of a
list of patches needing review.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-30 Thread Amit Kapila
On Tue, Oct 29, 2013 at 12:46 PM, Naoya Anzai
anzai-na...@mxu.nes.nec.co.jp wrote:
 Hi Sandeep

 I think, you should change the subject line  to Unquoted service path 
 containing space is vulnerable and can be exploited on Windows to get the 
 attention..  :)
 Thank you for advice!
 I'll try to post to pgsql-bugs again.

I could also reproduce this issue. The situation is very rare such
that an exe with name same as first part of directory should exist
in installation path.
I suggest you can post your patch in next commit fest.

With Regards,
Amit Kapila.
EnterpriseDB: http://www.enterprisedb.com




Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-30 Thread Asif Naeem
On Thu, Oct 31, 2013 at 10:17 AM, Amit Kapila amit.kapil...@gmail.comwrote:

 On Tue, Oct 29, 2013 at 12:46 PM, Naoya Anzai
 anzai-na...@mxu.nes.nec.co.jp wrote:
  Hi Sandeep
 
  I think, you should change the subject line  to Unquoted service path
 containing space is vulnerable and can be exploited on Windows to get the
 attention..  :)
  Thank you for advice!
  I'll try to post to pgsql-bugs again.

 I could also reproduce this issue. The situation is very rare such
 that an exe with name same as first part of directory should exist
 in installation path.


I believe it is a security risk with bigger impact as it is related to
Windows environment and as installers rely on it.


 I suggest you can post your patch in next commit fest.


Yes. Are not vulnerabilities/security risk's taken care of more urgent
bases ?


 With Regards,
 Amit Kapila.
 EnterpriseDB: http://www.enterprisedb.com



Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-29 Thread Asif Naeem
Yes. It should not be installer issue as installer is using pg_ctl to
register and run the service on Windows. Thanks.

Best Regards,
Muhammad Asif Naeem


On Tue, Oct 29, 2013 at 9:57 AM, Sandeep Thakkar 
sandeep.thak...@enterprisedb.com wrote:

 So, this is not an installer issue. Is this bug raised to the PostgreSQL
 community? If yes, you should submit the patch there.


 On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai 
 anzai-na...@mxu.nes.nec.co.jp wrote:

 Hi, Asif

 Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.

  Good finding. I have attached another version of patch
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
 code changes, can you please take a look ?. Thanks.

 I think your patch is not sufficient to fix.
 Not only pg_ctl.exe but postgres.exe also have the same problem.
 Even if your patch is attached,
 A Path of postgres.exe passed to CreateRestrictedProcess is not
 enclosed in quotation.(See pgwin32_ServiceMain at pg_ctl.c)

 So, processing enclosed in quotation should do in both conditions.

 Regards,
 Naoya

 ---
 Naoya Anzai
 Engineering Department
 NEC Soft, Ltd.
 E-Mail: anzai-na...@mxu.nes.nec.co.jp
 ---


  Hi Sandeep,
 
  PFA Naoya's patch (pg_ctl.c.patch).
 
  Hi Naoya,
 
  Good finding. I have attached another version of patch
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
 code changes, can you please take a look ?. Thanks.
 
  Best Regards,
  Asif Naeem
 
 
  On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
 sandeep.thak...@enterprisedb.com wrote:
 
 
Hi Dave
 
We register the service using pg_ctl. When I manually executed
 the following on the command prompt, I saw that the service path of the
 registered service did not have the pg_ctl.exe path in quotes. May be it
 should be handled in the pg_ctl code.
 
c:\Users\Sandeep Thakkar\Documentsc:\Program
 Files\PostgreSQL\9.3\bin\pg_ctl.e
xe register -N pg-9.3 -U NT AUTHORITY\NetworkService -D
 c:\Program Files\P
ostgreSQL\9.3\data -w
 
Naoya,  I could not find your patch here. Can you please share it
 again?
 
 
 
On Mon, Oct 28, 2013 at 2:53 PM, Dave Page dp...@pgadmin.org
 wrote:
 
 
Sandeep, can you look at this please? Thanks.
 
On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem <anaeem...@gmail.com> wrote:
 It is related to windows unquoted service path vulnerability in the
 installer that creates service path without quotes that make service.exe to
 look for undesirable path for executable.

 postgresql-9.3 service path :
 C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D C:/Users/asif/Desktop/Program files/9.3/data -w

 service.exe

 C:\Users\asif\Desktop\Program NAME NOT FOUND
 C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe
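
Added example, not part of the thread and not PostgreSQL code: a portable C audit of a service command line that models the probe order in the trace above, where each space-delimited prefix is tried as a program name before the real executable, and shows that the double-quoted form leaves no earlier candidate. The names risky_prefixes, build_quoted and MAX_PREFIX_LEN are assumptions made for this illustration; the sample path is constructed from the one quoted in the thread.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_PREFIX_LEN 260      /* assumption: enough for the sample paths */

/* True if the first n bytes of s end in ".exe" (case-insensitive). */
static int ends_with_exe(const char *s, size_t n)
{
    static const char ext[] = ".exe";
    size_t k;

    if (n < 4)
        return 0;
    for (k = 0; k < 4; k++)
        if (tolower((unsigned char) s[n - 4 + k]) != ext[k])
            return 0;
    return 1;
}

/*
 * Collect every space-delimited prefix of an unquoted command line that is
 * tried as a program name before the intended executable is reached.
 * Up to max_out prefixes are copied into out[]; the return value is the
 * total number found (0 = unambiguous, -1 = opening quote never closed).
 * If no prefix ends in ".exe", every prefix is reported, arguments included.
 */
int risky_prefixes(const char *cmdline, char out[][MAX_PREFIX_LEN], int max_out)
{
    int count = 0;
    size_t i;

    while (*cmdline == ' ' || *cmdline == '\t')
        cmdline++;
    if (*cmdline == '"')        /* quoted: executable ends at the closing quote */
        return strchr(cmdline + 1, '"') != NULL ? 0 : -1;

    for (i = 0; cmdline[i] != '\0'; i++)
    {
        if (cmdline[i] != ' ')
            continue;
        if (ends_with_exe(cmdline, i))
            break;              /* reached the real executable */
        if (i == 0 || cmdline[i - 1] == ' ')
            continue;           /* run of spaces: same prefix as before */
        if (count < max_out)
            snprintf(out[count], MAX_PREFIX_LEN, "%.*s", (int) i, cmdline);
        count++;
    }
    return count;
}

/*
 * Build "exe" args into dst with the executable double-quoted.
 * Returns 0 on success, -1 if exe contains a double quote or the result
 * does not fit in dst (the output is never silently truncated).
 */
int build_quoted(const char *exe, const char *args, char *dst, size_t dstlen)
{
    int n;

    if (strchr(exe, '"') != NULL)
        return -1;
    n = snprintf(dst, dstlen, "\"%s\" %s", exe, args);
    return (n < 0 || (size_t) n >= dstlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample, based on the service path quoted in the thread. */
    const char *exe = "C:\\Users\\asif\\Desktop\\Program files\\9.3\\bin\\pg_ctl.exe";
    const char *args = "runservice -N \"postgresql-9.3\" -w";
    char unquoted[512], quoted[512], out[8][MAX_PREFIX_LEN];
    int i, n;

    snprintf(unquoted, sizeof(unquoted), "%s %s", exe, args);
    n = risky_prefixes(unquoted, out, 8);
    printf("unquoted: %d earlier candidate(s)\n", n);
    for (i = 0; i < n && i < 8; i++)
        printf("  %s[.exe]\n", out[i]);

    if (build_quoted(exe, args, quoted, sizeof(quoted)) == 0)
        printf("quoted:   %d earlier candidate(s)\n",
               risky_prefixes(quoted, out, 8));
    return 0;
}
```

A non-zero count means the directories holding those prefixes need to be writable by administrators only until the service is re-registered with a quoted path.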
   

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-29 Thread Naoya Anzai
Hi,Sandeep

Thanks.

Sorry, There was a mistake in what I said.

I said
   Not only pg_ctl.exe but postgres.exe also have the same problem.
but, to say it correctly,

postgres.exe does not have the problem.
Source that contains the problem is only pg_ctl.c.

 So, this is not an installer issue. Is this bug raised to the PostgreSQL 
 community? If yes, you should submit the patch there.
YES, I had submitted there already,But nobody has responded me yet.

http://postgresql.1045698.n5.nabble.com/PostgreSQL-Service-on-Windows-does-not-start-td5774206.html

Regards,
Naoya

 So, this is not an installer issue. Is this bug raised to the PostgreSQL 
 community? If yes, you should submit the patch there.
 
 
 On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai anzai-na...@mxu.nes.nec.co.jp 
 wrote:
 
 
   Hi, Asif
   
   Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my 
 behalf.
   
 
Good finding. I have attached another version of patch 
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of code 
 changes, can you please take a look ?. Thanks.
   
   
   I think your patch is not sufficient to fix.
   Not only pg_ctl.exe but postgres.exe also have the same problem.
   Even if your patch is attached,
   A Path of postgres.exe passed to CreateRestrictedProcess is not 
 enclosed in quotation.(See pgwin32_ServiceMain at pg_ctl.c)
   
   So, processing enclosed in quotation should do in both conditions.
   
 
   Regards,
   Naoya
   
   ---
   Naoya Anzai
   Engineering Department
   NEC Soft, Ltd.
   E-Mail: anzai-na...@mxu.nes.nec.co.jp
   ---
   
   
Hi Sandeep,
   
PFA Naoya's patch (pg_ctl.c.patch).
   
Hi Naoya,
   
Good finding. I have attached another version of patch 
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of code 
 changes, can you please take a look ?. Thanks.
   
Best Regards,
Asif Naeem
   
   
On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
 sandeep.thak...@enterprisedb.com wrote:
   
   
  Hi Dave
   
  We register the service using pg_ctl. When I manually executed 
 the following on the command prompt, I saw that the service path of the 
 registered service did not have the pg_ctl.exe path in quotes. May be it 
 should be handled in the pg_ctl code.
   
  c:\Users\Sandeep Thakkar\Documentsc:\Program 
 Files\PostgreSQL\9.3\bin\pg_ctl.e
  xe register -N pg-9.3 -U NT AUTHORITY\NetworkService -D 
 c:\Program Files\P
  ostgreSQL\9.3\data -w
   
  Naoya,  I could not find your patch here. Can you please share 
 it again?
   
   
   
  On Mon, Oct 28, 2013 at 2:53 PM, Dave Page dp...@pgadmin.org 
 wrote:
   
   
  Sandeep, can you look at this please? Thanks.
   
  On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem 
 anaeem...@gmail.com wrote:
   It is related to windows unquoted service path 
 vulnerability in the the
   installer that creates service path without quotes 
 that make service.exe to
   look for undesirable path for executable.
  
   postgresql-9.3 service path : 
 C:/Users/asif/Desktop/Program
   files/9.3/bin/pg_ctl.exe runservice -N 
 postgresql-9.3 -D
   C:/Users/asif/Desktop/Program files/9.3/data -w
  
   service.exe
  
   C:\Users\asif\Desktop\Program NAME NOT FOUND
   C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe ACCESS DENIED
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe ACCESS DENIED
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice NAME
   NOT FOUND
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice.exe
   NAME NOT FOUND
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice -N
   NAME NOT FOUND
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice -N.exe
   NAME NOT FOUND
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice -N
   postgresql-9.3 NAME INVALID
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice -N
   postgresql-9.3.exe NAME INVALID
   C:\Users\asif\Desktop\Program 
 files\9.3\bin\pg_ctl.exe runservice -N
   

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-29 Thread Sandeep Thakkar
Hi Naoya

I think you should change the subject line to "Unquoted service path
containing space is vulnerable and can be exploited on Windows" to get the
attention..  :)

BTW, in your case, the file Program should be an exe and not just any
other file to exploit this vulnerability. Right?


On Tue, Oct 29, 2013 at 11:34 AM, Naoya Anzai anzai-na...@mxu.nes.nec.co.jp
 wrote:

 Hi,Sandeep

 Thanks.

 Sorry, There was a mistake in what I said.

 I said
Not only pg_ctl.exe but postgres.exe also have the same
 problem.
 but, to say it correctly,

 postgres.exe does not have the problem.
 Source that contains the problem is only pg_ctl.c.

  So, this is not an installer issue. Is this bug raised to the PostgreSQL
 community? If yes, you should submit the patch there.
 YES, I had submitted there already,But nobody has responded me yet.


 http://postgresql.1045698.n5.nabble.com/PostgreSQL-Service-on-Windows-does-not-start-td5774206.html

 Regards,
 Naoya

  So, this is not an installer issue. Is this bug raised to the PostgreSQL
 community? If yes, you should submit the patch there.
 
 
  On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai 
 anzai-na...@mxu.nes.nec.co.jp wrote:
 
 
Hi, Asif
 
Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my
 behalf.
 
 
 Good finding. I have attached another version of patch
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
 code changes, can you please take a look ?. Thanks.
 
 
I think your patch is not sufficient to fix.
Not only pg_ctl.exe but postgres.exe also have the same
 problem.
Even if your patch is attached,
A Path of postgres.exe passed to CreateRestrictedProcess is not
 enclosed in quotation.(See pgwin32_ServiceMain at pg_ctl.c)
 
So, processing enclosed in quotation should do in both conditions.
 
 
Regards,
Naoya
 
---
Naoya Anzai
Engineering Department
NEC Soft, Ltd.
E-Mail: anzai-na...@mxu.nes.nec.co.jp
---
 
 
 Hi Sandeep,

 PFA Naoya's patch (pg_ctl.c.patch).

 Hi Naoya,

 Good finding. I have attached another version of patch
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
 code changes, can you please take a look ?. Thanks.

 Best Regards,
 Asif Naeem


 On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
 sandeep.thak...@enterprisedb.com wrote:


   Hi Dave

   We register the service using pg_ctl. When I manually
 executed the following on the command prompt, I saw that the service path
 of the registered service did not have the pg_ctl.exe path in quotes. May
 be it should be handled in the pg_ctl code.

   c:\Users\Sandeep Thakkar\Documentsc:\Program
 Files\PostgreSQL\9.3\bin\pg_ctl.e
   xe register -N pg-9.3 -U NT AUTHORITY\NetworkService
 -D c:\Program Files\P
   ostgreSQL\9.3\data -w

   Naoya,  I could not find your patch here. Can you please
 share it again?



   On Mon, Oct 28, 2013 at 2:53 PM, Dave Page 
 dp...@pgadmin.org wrote:


   Sandeep, can you look at this please? Thanks.

   On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem 
 anaeem...@gmail.com wrote:
It is related to windows unquoted service path
 vulnerability in the
installer that creates service path without
 quotes that make service.exe to
look for undesirable path for executable.
   
postgresql-9.3 service path :
 C:/Users/asif/Desktop/Program
files/9.3/bin/pg_ctl.exe runservice -N
 postgresql-9.3 -D
C:/Users/asif/Desktop/Program files/9.3/data -w
   
service.exe
   
C:\Users\asif\Desktop\Program NAME NOT FOUND
C:\Users\asif\Desktop\Program.exe NAME NOT
 FOUND
C:\Users\asif\Desktop\Program
 files\9.3\bin\pg_ctl.exe ACCESS DENIED
C:\Users\asif\Desktop\Program
 files\9.3\bin\pg_ctl.exe ACCESS DENIED
C:\Users\asif\Desktop\Program
 files\9.3\bin\pg_ctl.exe runservice NAME
NOT FOUND
C:\Users\asif\Desktop\Program
 files\9.3\bin\pg_ctl.exe runservice.exe
NAME NOT FOUND
C:\Users\asif\Desktop\Program
 files\9.3\bin\pg_ctl.exe runservice -N
NAME NOT FOUND
C:\Users\asif\Desktop\Program
 files\9.3\bin\pg_ctl.exe runservice -N.exe
NAME NOT FOUND

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-29 Thread Naoya Anzai
Hi Sandeep

 I think, you should change the subject line  to Unquoted service path 
 containing space is vulnerable and can be exploited on Windows to get the 
 attention..  :)
Thank you for advice!
I'll try to post to pgsql-bugs again.

 BTW, in your case, the file Program should be an exe and not just any other 
 file to exploit this vulnerability. Right?
Yes, Program is a simple file I made. 

Best Regards,
Naoya

 Hi Naoya
 
 I think, you should change the subject line  to Unquoted service path 
 containing space is vulnerable and can be exploited on Windows to get the 
 attention..  :)
 
 BTW, in your case, the file Program should be an exe and not just any other 
 file to exploit this vulnerability. Right?
 
 
 On Tue, Oct 29, 2013 at 11:34 AM, Naoya Anzai anzai-na...@mxu.nes.nec.co.jp 
 wrote:
 
 
   Hi,Sandeep
   
   Thanks.
   
   Sorry, There was a mistake in what I said.
   
   I said
   
  Not only pg_ctl.exe but postgres.exe also have the same 
 problem.
   
   but, to say it correctly,
   
   postgres.exe does not have the problem.
   Source that contains the problem is only pg_ctl.c.
   
 
So, this is not an installer issue. Is this bug raised to the 
 PostgreSQL community? If yes, you should submit the patch there.
   
   YES, I had submitted there already,But nobody has responded me yet.
   
   
 http://postgresql.1045698.n5.nabble.com/PostgreSQL-Service-on-Windows-does-not-start-td5774206.html
   
   Regards,
   Naoya
   
 
So, this is not an installer issue. Is this bug raised to the 
 PostgreSQL community? If yes, you should submit the patch there.
   
   
On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai 
 anzai-na...@mxu.nes.nec.co.jp wrote:
   
   
  Hi, Asif
   
  Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on 
 my behalf.
   
   
   Good finding. I have attached another version of patch 
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of code 
 changes, can you please take a look ?. Thanks.
   
   
  I think your patch is not sufficient to fix.
  Not only pg_ctl.exe but postgres.exe also have the same 
 problem.
  Even if your patch is attached,
  A Path of postgres.exe passed to CreateRestrictedProcess is 
 not enclosed in quotation.(See pgwin32_ServiceMain at pg_ctl.c)
   
  So, processing enclosed in quotation should do in both 
 conditions.
   
   
  Regards,
  Naoya
   
  ---
  Naoya Anzai
  Engineering Department
  NEC Soft, Ltd.
  E-Mail: anzai-na...@mxu.nes.nec.co.jp
  ---
   
   
   Hi Sandeep,
  
   PFA Naoya's patch (pg_ctl.c.patch).
  
   Hi Naoya,
  
   Good finding. I have attached another version of patch 
 (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of code 
 changes, can you please take a look ?. Thanks.
  
   Best Regards,
   Asif Naeem
  
  
   On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
 sandeep.thak...@enterprisedb.com wrote:
  
  
 Hi Dave
  
 We register the service using pg_ctl. When I manually 
 executed the following on the command prompt, I saw that the service path of 
 the registered service did not have the pg_ctl.exe path in quotes. May be it 
 should be handled in the pg_ctl code.
  
 c:\Users\Sandeep Thakkar\Documentsc:\Program 
 Files\PostgreSQL\9.3\bin\pg_ctl.e
 xe register -N pg-9.3 -U NT 
 AUTHORITY\NetworkService -D c:\Program Files\P
 ostgreSQL\9.3\data -w
  
 Naoya,  I could not find your patch here. Can you 
 please share it again?
  
  
  
 On Mon, Oct 28, 2013 at 2:53 PM, Dave Page 
 dp...@pgadmin.org wrote:
  
  
 Sandeep, can you look at this please? Thanks.
  
 On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem 
 anaeem...@gmail.com wrote:
  It is related to windows unquoted service 
 path vulnerability in the
  installer that creates service path without 
 quotes that make service.exe to
  look for undesirable path for executable.
 
  postgresql-9.3 service path : 
 C:/Users/asif/Desktop/Program
  files/9.3/bin/pg_ctl.exe runservice -N 
 postgresql-9.3 -D
   

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Asif Naeem
Hi Naoya,

I am not able to reproduce the problem. Do you mean pg windows service
installed by installer is not working or bin\pg_ctl binary is not accepting
spaces in the patch ?. Following worked for me i.e.

C:\Users\asif\Desktop\Program files\9.3>bin\pg_ctl -D
 C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
 server starting


Can you please share the exact steps ?. Thanks.

Regards,
Muhammad Asif Naeem



On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai anzai-na...@mxu.nes.nec.co.jp
 wrote:

 Hi All,

 I have found a case that PostgreSQL Service does not start.
 When it happens, the following error appears.

  is not a valid Win32 application

 This failure occurs when the following conditions are true.

 1. There is postgres.exe in any directory that contains a space,
such as Program Files.

e.g.)
C:\Program Files\PostgreSQL\bin\postgres.exe

 2. A file using the first white space-delimited
tokens of that directory as the file name exists,
and there is it in the same hierarchy.

e.g.)
C:\Program //file

 pg_ctl.exe as PostgreSQL Service creates a postgres
 process using an absolute path which indicates the
 location of postgres.exe,but the path is not enclosed
 in quotation.

 Therefore,if the above-mentioned conditions are true,
 CreateProcessAsUser(a Windows Function called by pg_ctl.exe)
 tries to create a process using the other file such
 as Program, so the service fails to start.

 Accordingly, I think that the command path should be
 enclosed in quotation.

 I created a patch to fix this failure,
 So could anyone confirm?

 Regards,

 Naoya

 ---
 Naoya Anzai
 Engineering Department
 NEC Soft, Ltd.
 E-Mail: anzai-na...@mxu.nes.nec.co.jp
 ---






Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Naoya Anzai
Hi, Asif.

Thank you for response.


   C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D 
 C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
   server starting

This failure does not occur by the command line.
PostgreSQL needs to start by Windows Service.

Additionally,In this case, 
A file Program needs to be exist at C:\Users\asif\Desktop\, and 
postgres.exe needs to be exist at C:\Users\asif\Desktop\Program 
files\9.3\bin.

C:\Users\asif\Desktop\Program files\9.3\bin>dir
...
4,435,456   postgres.exe
   80,896   pg_ctl.exe
...

C:\Users\asif\Desktoppdir
...
0  Program
DIR  Program files
...


Regards,
Naoya

 Hi Naoya,
 
 I am not able to reproduce the problem. Do you mean pg windows service 
 installed by installer is not working or bin\pg_ctl binary is not accepting 
 spaces in the patch ?. Following worked for me i.e.
 
 
   C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D 
 C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
   server starting
 
 
 Can you please share the exact steps ?. Thanks.
 
 
 Regards,
 Muhammad Asif Naeem
 
 
 
 On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai anzai-na...@mxu.nes.nec.co.jp 
 wrote:
 
 
   Hi All,
   
   I have found a case that PostgreSQL Service does not start.
   When it happens, the following error appears.
   
is not a valid Win32 application
   
   This failure occurs when the following conditions are true.
   
   1. There is postgres.exe in any directory that contains a space,
  such as Program Files.
   
  e.g.)
  C:\Program Files\PostgreSQL\bin\postgres.exe
   
   2. A file using the first white space-delimited
  tokens of that directory as the file name exists,
  and there is it in the same hierarchy.
   
  e.g.)
  C:\Program //file
   
   pg_ctl.exe as PostgreSQL Service creates a postgres
   process using an absolute path which indicates the
   location of postgres.exe,but the path is not enclosed
   in quotation.
   
   Therefore,if the above-mentioned conditions are true,
   CreateProcessAsUser(a Windows Function called by pg_ctl.exe)
   tries to create a process using the other file such
   as Program, so the service fails to start.
   
   Accordingly, I think that the command path should be
   enclosed in quotation.
   
   I created a patch to fix this failure,
   So could anyone confirm?
   
   Regards,
   
   Naoya
   
   ---
   Naoya Anzai
   Engineering Department
   NEC Soft, Ltd.
   E-Mail: anzai-na...@mxu.nes.nec.co.jp
   ---
   
   
   
   
 
 
 

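That is all; thank you in advance.


NEC Soft, Ltd.
PF Systems Division, Theme Software Development Group
Naoya Anzai

External line: (03)5534-2353
Extension: (8)57-40364
Mail:NES-N2363
E-mail:anzai-na...@mxu.nes.nec.co.jp

<<Handling of this e-mail>>
- Classification: Confidential
- Disclosure: Permitted to the minimum extent necessary
- Removal: Prohibited
- Retention period: Indefinite
- After use: Discard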






Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Asif Naeem
It is related to windows unquoted service path vulnerability in the
installer that creates service path without quotes that make service.exe to
look for undesirable path for executable.

postgresql-9.3 service path : C:/Users/asif/Desktop/Program
files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
C:/Users/asif/Desktop/Program files/9.3/data -w

service.exe

 C:\Users\asif\Desktop\Program NAME NOT FOUND
 C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED

 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME
 NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe
 NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe
   NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data NAME
 INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe
 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w
 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w.exe
   NAME INVALID


Fix :

postgresql-9.3 service path : C:/Users/asif/Desktop/Program
files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
C:/Users/asif/Desktop/Program files/9.3/data -w

It would be good if this is reported on pg installer forum or security
forum. Thanks.

Regards,
Asif Naeem

On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai anzai-na...@mxu.nes.nec.co.jp
wrote:

 Hi, Asif.

 Thank you for response.


C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
server starting

 This failure does not occur by the command line.
 PostgreSQL needs to start by Windows Service.

 Additionally,In this case,
 A file Program needs to be exist at C:\Users\asif\Desktop\, and
 postgres.exe needs to be exist at C:\Users\asif\Desktop\Program
files\9.3\bin.
 
 C:\Users\asif\Desktop\Program files\9.3\bindir
 ...
 4,435,456   postgres.exe
80,896   pg_ctl.exe
 ...

 C:\Users\asif\Desktoppdir
 ...
 0  Program
 DIR  Program files
 ...
 

 Regards,
 Naoya

  Hi Naoya,
 
  I am not able to reproduce the problem. Do you mean pg windows service
installed by installer is not working or bin\pg_ctl binary is not accepting
spaces in the patch ?. Following worked for me i.e.
 
 
C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
server starting
 
 
  Can you please share the exact steps ?. Thanks.
 
 
  Regards,
  Muhammad Asif Naeem
 
 
 
  On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai 
anzai-na...@mxu.nes.nec.co.jp wrote:
 
 
Hi All,
 
I have found a case that PostgreSQL Service does not start.
When it happens, the following error appears.
 
 is not a valid Win32 application
 
This failure occurs when the following conditions are true.
 
1. There is postgres.exe in any directory that contains a space,
   such as Program Files.
 
   e.g.)
   C:\Program Files\PostgreSQL\bin\postgres.exe
 
2. A file using the first white space-delimited
   tokens of that directory as the file name exists,
   and there is it in the same hierarchy.
 
   e.g.)
   C:\Program //file
 
pg_ctl.exe as PostgreSQL Service creates a postgres
process using an absolute path which indicates the
location of postgres.exe,but the path is not enclosed
in quotation.
 
Therefore,if the above-mentioned conditions are true,
CreateProcessAsUser(a Windows Function called by pg_ctl.exe)
tries to create a process using the other file such
as Program, so the 
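
The lookup order that Naoya Anzai describes and that the service.exe trace above shows, as an added example that is not part of any message in this thread or of pg_ctl.c: a simplified, portable C model of how an executable is picked from an unquoted versus a quoted command line. The names `resolve_image` and `build_quoted_cmdline`, the file list and the quoted `-D` argument are constructed for illustration; real process creation applies further rules that are not modelled here.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define PATH_BUF 512

/* Constructed sample values, modelled on the paths quoted in the thread. */
#define DECOY  "C:\\Users\\asif\\Desktop\\Program"
#define PG_CTL "C:\\Users\\asif\\Desktop\\Program files\\9.3\\bin\\pg_ctl.exe"
/* Assumption: the data directory argument is passed in quotes. */
#define ARGS   "runservice -N postgresql-9.3 -D \"C:\\Users\\asif\\Desktop\\Program files\\9.3\\data\" -w"
#define UNQUOTED PG_CTL " " ARGS

/* Case-insensitive equality, since Windows file names ignore case. */
static int ci_equal(const char *a, const char *b)
{
    while (*a && *b) {
        if (tolower((unsigned char) *a) != tolower((unsigned char) *b))
            return 0;
        a++;
        b++;
    }
    return *a == *b;
}

/* Stand-in for the file system: is this path in the constructed list? */
static int file_exists(const char *path, const char *const *files, int nfiles)
{
    for (int i = 0; i < nfiles; i++)
        if (ci_equal(path, files[i]))
            return 1;
    return 0;
}

/*
 * Simplified model of executable selection.
 * Quoted:   the text between the first pair of quotes is the only candidate.
 * Unquoted: every prefix that ends at a space (or at the end of the string)
 *           is tried, first as-is and then with ".exe" appended.
 * Returns 1 and copies the chosen path into out, or 0 if nothing matches.
 */
int resolve_image(const char *cmdline, const char *const *files, int nfiles,
                  char *out, size_t outlen)
{
    char cand[PATH_BUF];
    size_t len = strlen(cmdline);

    if (cmdline[0] == '"') {
        const char *end = strchr(cmdline + 1, '"');
        size_t n = end ? (size_t) (end - cmdline - 1) : len - 1;
        if (n + 1 > sizeof(cand))
            return 0;
        memcpy(cand, cmdline + 1, n);
        cand[n] = '\0';
        if (!file_exists(cand, files, nfiles))
            return 0;
        snprintf(out, outlen, "%s", cand);
        return 1;
    }
    for (size_t i = 1; i <= len; i++) {
        if (cmdline[i] != ' ' && cmdline[i] != '\0')
            continue;
        if (i + 5 > sizeof(cand))
            return 0;
        memcpy(cand, cmdline, i);
        cand[i] = '\0';
        if (!file_exists(cand, files, nfiles)) {
            strcat(cand, ".exe");
            if (!file_exists(cand, files, nfiles))
                continue;
        }
        snprintf(out, outlen, "%s", cand);
        return 1;
    }
    return 0;
}

/* Build "exe" args. Fails if exe contains a quote or out is too small. */
int build_quoted_cmdline(const char *exe, const char *args, char *out, size_t outlen)
{
    if (strchr(exe, '"'))
        return 0;
    int n = snprintf(out, outlen, "\"%s\" %s", exe, args);
    return n > 0 && (size_t) n < outlen;
}

/* Resolve against the constructed file list, with or without the decoy file. */
const char *resolved(const char *cmdline, int with_decoy)
{
    static char buf[PATH_BUF];
    static const char *const files[] = { PG_CTL, DECOY };
    return resolve_image(cmdline, files, with_decoy ? 2 : 1, buf, sizeof(buf)) ? buf : NULL;
}

/* The command line with the executable path quoted. */
const char *fixed_cmdline(void)
{
    static char buf[PATH_BUF];
    return build_quoted_cmdline(PG_CTL, ARGS, buf, sizeof(buf)) ? buf : NULL;
}

int main(void)
{
    printf("unquoted, decoy present: %s\n", resolved(UNQUOTED, 1));
    printf("unquoted, no decoy:      %s\n", resolved(UNQUOTED, 0));
    printf("quoted, decoy present:   %s\n", resolved(fixed_cmdline(), 1));
    return 0;
}
```

The audit rule that follows from the model: a service command line is safe against this lookup only if its executable path is quoted or contains no spaces.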

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Dave Page
Sandeep, can you look at this please? Thanks.

On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem anaeem...@gmail.com wrote:
 It is related to windows unquoted service path vulnerability in the
 installer that creates service path without quotes that make service.exe to
 look for undesirable path for executable.

 postgresql-9.3 service path : C:/Users/asif/Desktop/Program
 files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
 C:/Users/asif/Desktop/Program files/9.3/data -w

 service.exe

 C:\Users\asif\Desktop\Program NAME NOT FOUND
 C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME
 NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe
 NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe
 NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data NAME
 INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe
 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w
 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
 postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w.exe
 NAME INVALID


 Fix :

 postgresql-9.3 service path : C:/Users/asif/Desktop/Program
 files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
 C:/Users/asif/Desktop/Program files/9.3/data -w

 It would be good if this is reported on pg installer forum or security
 forum. Thanks.

 Regards,
 Asif Naeem

 On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
 anzai-na...@mxu.nes.nec.co.jp wrote:

 Hi, Asif.

 Thank you for response.


C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
  C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
server starting

 This failure does not occur by the command line.
 PostgreSQL needs to start by Windows Service.

 Additionally,In this case,
 A file Program needs to be exist at C:\Users\asif\Desktop\, and
 postgres.exe needs to be exist at C:\Users\asif\Desktop\Program
 files\9.3\bin.
 
 C:\Users\asif\Desktop\Program files\9.3\bindir
 ...
 4,435,456   postgres.exe
80,896   pg_ctl.exe
 ...

 C:\Users\asif\Desktoppdir
 ...
 0  Program
 DIR  Program files
 ...
 

 Regards,
 Naoya

  Hi Naoya,
 
  I am not able to reproduce the problem. Do you mean pg windows service
  installed by installer is not working or bin\pg_ctl binary is not accepting
  spaces in the patch ?. Following worked for me i.e.
 
 
C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
  C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
server starting
 
 
  Can you please share the exact steps ?. Thanks.
 
 
  Regards,
  Muhammad Asif Naeem
 
 
 
  On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai
  anzai-na...@mxu.nes.nec.co.jp wrote:
 
 
Hi All,
 
I have found a case that PostgreSQL Service does not start.
When it happens, the following error appears.
 
 is not a valid Win32 application
 
This failure occurs when the following conditions are true.
 
1. There is postgres.exe in any directory that contains a space,
   such as Program Files.
 
   e.g.)
   C:\Program Files\PostgreSQL\bin\postgres.exe
 
2. A file using the first white space-delimited
   tokens of that directory as the file name exists,
   and there is it in the same hierarchy.
 
   e.g.)
   C:\Program //file
 
pg_ctl.exe as PostgreSQL Service creates a postgres
process using an absolute path which indicates the
location of postgres.exe,but the path is not enclosed
in quotation.
 
Therefore,if the above-mentioned conditions are true,

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Sandeep Thakkar
Hi Dave

We register the service using pg_ctl. When I manually executed the
following on the command prompt, I saw that the service path of the
registered service did not have the pg_ctl.exe path in quotes. Maybe it
should be handled in the pg_ctl code.

c:\Users\Sandeep Thakkar\Documents>c:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe register -N pg-9.3 -U NT AUTHORITY\NetworkService -D c:\Program Files\PostgreSQL\9.3\data -w

Naoya,  I could not find your patch here. Can you please share it again?



On Mon, Oct 28, 2013 at 2:53 PM, Dave Page dp...@pgadmin.org wrote:

 Sandeep, can you look at this please? Thanks.

 On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem anaeem...@gmail.com wrote:
  It is related to windows unquoted service path vulnerability in the
  installer that creates service path without quotes that make service.exe
 to
  look for undesirable path for executable.
 
  postgresql-9.3 service path : C:/Users/asif/Desktop/Program
  files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
  C:/Users/asif/Desktop/Program files/9.3/data -w
 
  service.exe
 
  C:\Users\asif\Desktop\Program NAME NOT FOUND
  C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice
 NAME
  NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe
  NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe
  NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3.exe NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D.exe NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data
 NAME
  INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe
  NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w
  NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data
 -w.exe
  NAME INVALID
 
 
  Fix :
 
  postgresql-9.3 service path : C:/Users/asif/Desktop/Program
  files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
  C:/Users/asif/Desktop/Program files/9.3/data -w
 
  It would be good if this is reported on pg installer forum or security
  forum. Thanks.
 
  Regards,
  Asif Naeem
 
  On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
  anzai-na...@mxu.nes.nec.co.jp wrote:
 
  Hi, Asif.
 
  Thank you for response.
 
 
 C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
   C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
 server starting
 
  This failure does not occur by the command line.
  PostgreSQL needs to start by Windows Service.
 
  Additionally,In this case,
  A file Program needs to be exist at C:\Users\asif\Desktop\, and
  postgres.exe needs to be exist at C:\Users\asif\Desktop\Program
  files\9.3\bin.
  
  C:\Users\asif\Desktop\Program files\9.3\bindir
  ...
  4,435,456   postgres.exe
 80,896   pg_ctl.exe
  ...
 
  C:\Users\asif\Desktoppdir
  ...
  0  Program
  DIR  Program files
  ...
  
 
  Regards,
  Naoya
 
   Hi Naoya,
  
   I am not able to reproduce the problem. Do you mean pg windows service
   installed by installer is not working or bin\pg_ctl binary is not
 accepting
   spaces in the patch ?. Following worked for me i.e.
  
  
 C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
   C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
 server starting
  
  
   Can you please share the exact steps ?. Thanks.
  
  
   Regards,
   Muhammad Asif Naeem
  
  
  
   On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai
   anzai-na...@mxu.nes.nec.co.jp wrote:
  
  
 Hi All,
  
 I have found a case that PostgreSQL Service does not start.
 When it happens, the following error appears.
  
  is not a valid Win32 application
  
 This failure occurs when the following 

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Asif Naeem
Hi Sandeep,

PFA Naoya's patch (pg_ctl.c.patch).

Hi Naoya,

Good finding. I have attached another version of patch
(pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
code changes, can you please take a look ?. Thanks.

Best Regards,
Asif Naeem


On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
sandeep.thak...@enterprisedb.com wrote:

 Hi Dave

 We register the service using pg_ctl. When I manually executed the
 following on the command prompt, I saw that the service path of the
 registered service did not have the pg_ctl.exe path in quotes. Maybe it
 should be handled in the pg_ctl code.

 c:\Users\Sandeep Thakkar\Documents>c:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe register -N pg-9.3 -U NT AUTHORITY\NetworkService -D c:\Program Files\PostgreSQL\9.3\data -w

 Naoya,  I could not find your patch here. Can you please share it again?



 On Mon, Oct 28, 2013 at 2:53 PM, Dave Page dp...@pgadmin.org wrote:

 Sandeep, can you look at this please? Thanks.

 On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem anaeem...@gmail.com wrote:
  It is related to windows unquoted service path vulnerability in the
  installer that creates service path without quotes that make
 service.exe to
  look for undesirable path for executable.
 
  postgresql-9.3 service path : C:/Users/asif/Desktop/Program
  files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
  C:/Users/asif/Desktop/Program files/9.3/data -w
 
  service.exe
 
  C:\Users\asif\Desktop\Program NAME NOT FOUND
  C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS
 DENIED
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS
 DENIED
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice
 NAME
  NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe
  NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice
 -N.exe
  NAME NOT FOUND
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3.exe NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D.exe NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data
 NAME
  INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe
  NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w
  NAME INVALID
  C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
  postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data
 -w.exe
  NAME INVALID
 
 
  Fix :
 
  postgresql-9.3 service path : C:/Users/asif/Desktop/Program
  files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
  C:/Users/asif/Desktop/Program files/9.3/data -w
 
  It would be good if this is reported on pg installer forum or security
  forum. Thanks.
 
  Regards,
  Asif Naeem
 
  On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
  anzai-na...@mxu.nes.nec.co.jp wrote:
 
  Hi, Asif.
 
  Thank you for response.
 
 
 C:\Users\asif\Desktop\Program files\9.3bin\pg_ctl -D
   C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
 server starting
 
  This failure does not occur by the command line.
  PostgreSQL needs to start by Windows Service.
 
  Additionally, in this case,
  a file Program needs to exist at C:\Users\asif\Desktop\, and
  postgres.exe needs to exist at C:\Users\asif\Desktop\Program
  files\9.3\bin.
  
  C:\Users\asif\Desktop\Program files\9.3\bin>dir
  ...
  4,435,456   postgres.exe
 80,896   pg_ctl.exe
  ...
 
  C:\Users\asif\Desktoppdir
  ...
  0  Program
  DIR  Program files
  ...
  
 
  Regards,
  Naoya
 
   Hi Naoya,
  
   I am not able to reproduce the problem. Do you mean pg windows service
   installed by installer is not working or bin\pg_ctl binary is not accepting
   spaces in the patch? Following worked for me i.e.
  
  
 C:\Users\asif\Desktop\Program files\9.3>bin\pg_ctl -D C:\Users\asif\Desktop\Program files\9.3\data1 -l logfile start
 server starting
  
  
   Can you please share the exact steps? Thanks.
  
  
   

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Naoya Anzai
Hi, Asif

Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.

 Good finding. I have attached another version of the patch 
 (pg_ctl.c_windows_vulnerability.patch) that has fewer lines of code 
 changes, can you please take a look? Thanks.

I think your patch is not sufficient to fix this.
Not only pg_ctl.exe but postgres.exe also has the same problem.
Even if your patch is attached, 
the path of postgres.exe passed to CreateRestrictedProcess is not enclosed in 
quotation marks. (See pgwin32_ServiceMain in pg_ctl.c) 

So, enclosing in quotation marks should be done in both conditions.

Regards, 
Naoya

---
Naoya Anzai
Engineering Department
NEC Soft, Ltd.
E-Mail: anzai-na...@mxu.nes.nec.co.jp
---


 Hi Sandeep,
 
 PFA Naoya's patch (pg_ctl.c.patch). 
 
 Hi Naoya,
 
 Good finding. I have attached another version of the patch 
 (pg_ctl.c_windows_vulnerability.patch) that has fewer lines of code 
 changes, can you please take a look? Thanks.
 
 Best Regards,
 Asif Naeem
 
 
 On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
 sandeep.thak...@enterprisedb.com wrote:
 
 
   Hi Dave
 
   We register the service using pg_ctl. When I manually executed the 
   following on the command prompt, I saw that the service path of the 
   registered service did not have the pg_ctl.exe path in quotes. Maybe it 
   should be handled in the pg_ctl code. 
 
   c:\Users\Sandeep Thakkar\Documents>c:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe register -N pg-9.3 -U NT AUTHORITY\NetworkService -D c:\Program Files\PostgreSQL\9.3\data -w
 
   Naoya,  I could not find your patch here. Can you please share it 
 again? 
 
 
 
   On Mon, Oct 28, 2013 at 2:53 PM, Dave Page dp...@pgadmin.org wrote:
   
 
   Sandeep, can you look at this please? Thanks.
   
   On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem 
 anaeem...@gmail.com wrote:
It is related to windows unquoted service path vulnerability in the
installer that creates service path without quotes that make service.exe to
look for undesirable path for executable.
   
postgresql-9.3 service path : C:/Users/asif/Desktop/Program
files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D
C:/Users/asif/Desktop/Program files/9.3/data -w
   
service.exe
   
C:\Users\asif\Desktop\Program NAME NOT FOUND
C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3.exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D.exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w.exe NAME INVALID
   
   
Fix 
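
The probing order in the quoted trace and the quoting fix discussed in this thread, as an added example: it is not code from pg_ctl.c or from any poster. It models the prefix search in portable C; the function names and the rule that the first prefix ending in ".exe" is the intended program are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Copy the n-th (0-based) space-terminated prefix of cmdline into buf; these
 * prefixes are the program names probed for an unquoted command line. */
static int nth_prefix(const char *cmdline, int n, char *buf, size_t buflen)
{
    size_t i, len = strlen(cmdline);
    for (i = 1; i <= len; i++) {
        if (cmdline[i] != ' ' && cmdline[i] != '\0') continue;
        if (n-- > 0) continue;
        if (i >= buflen) return 0;
        memcpy(buf, cmdline, i);
        buf[i] = '\0';
        return 1;
    }
    return 0;                       /* no such prefix */
}

static int ends_with_exe(const char *s)   /* case-insensitive ".exe" suffix */
{
    size_t n = strlen(s);
    return n >= 4 && s[n - 4] == '.' && (s[n - 3] | 0x20) == 'e' &&
           (s[n - 2] | 0x20) == 'x' && (s[n - 1] | 0x20) == 'e';
}

/* Audit heuristic (assumption): the intended program is the first prefix
 * ending in ".exe". Returns how many shorter prefixes are probed before it
 * (0 = nothing can shadow it, -1 = no ".exe" prefix found). */
int shadowing_prefixes(const char *cmdline)
{
    char buf[512];
    if (cmdline[0] == '"') return 0;   /* quoted path is taken literally */
    for (int n = 0; nth_prefix(cmdline, n, buf, sizeof buf); n++)
        if (ends_with_exe(buf)) return n;
    return -1;
}

/* The fix discussed in the thread: put the executable path in quotes. */
int build_quoted_cmdline(char *out, size_t outlen, const char *exe, const char *args)
{
    int n = snprintf(out, outlen, "\"%s\" %s", exe, args);
    return n > 0 && (size_t)n < outlen;
}

int main(void)
{
    const char *bad = "C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe runservice";
    printf("unquoted: %d prefix(es) probed first\n", shadowing_prefixes(bad));
    return 0;
}
```

For the service path posted in the thread, the one shadowing prefix is C:/Users/asif/Desktop/Program, the file Naoya says must exist for the failure to occur; the quoted form reports none.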

Re: [HACKERS] PostgreSQL Service on Windows does not start. ~ is not a valid Win32 application

2013-10-28 Thread Sandeep Thakkar
So, this is not an installer issue. Is this bug raised to the PostgreSQL
community? If yes, you should submit the patch there.


On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai
anzai-na...@mxu.nes.nec.co.jp wrote:

 Hi, Asif

 Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.

  Good finding. I have attached another version of the patch
 (pg_ctl.c_windows_vulnerability.patch) that has fewer lines of
 code changes, can you please take a look? Thanks.

 I think your patch is not sufficient to fix this.
 Not only pg_ctl.exe but postgres.exe also has the same problem.
 Even if your patch is attached,
 the path of postgres.exe passed to CreateRestrictedProcess is not enclosed
 in quotation marks. (See pgwin32_ServiceMain in pg_ctl.c)

 So, enclosing in quotation marks should be done in both conditions.

 Regards,
 Naoya

 ---
 Naoya Anzai
 Engineering Department
 NEC Soft, Ltd.
 E-Mail: anzai-na...@mxu.nes.nec.co.jp
 ---


  Hi Sandeep,
 
  PFA Naoya's patch (pg_ctl.c.patch).
 
  Hi Naoya,
 
  Good finding. I have attached another version of the patch
 (pg_ctl.c_windows_vulnerability.patch) that has fewer lines of
 code changes, can you please take a look? Thanks.
 
  Best Regards,
  Asif Naeem
 
 
  On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar 
 sandeep.thak...@enterprisedb.com wrote:
 
 
Hi Dave
 
We register the service using pg_ctl. When I manually executed the
 following on the command prompt, I saw that the service path of the
 registered service did not have the pg_ctl.exe path in quotes. Maybe it
 should be handled in the pg_ctl code.
 
c:\Users\Sandeep Thakkar\Documents>c:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe register -N pg-9.3 -U NT AUTHORITY\NetworkService -D c:\Program Files\PostgreSQL\9.3\data -w
 
Naoya,  I could not find your patch here. Can you please share it
 again?
 
 
 
On Mon, Oct 28, 2013 at 2:53 PM, Dave Page dp...@pgadmin.org
 wrote:
 
 
Sandeep, can you look at this please? Thanks.
 
On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem 
 anaeem...@gmail.com wrote:
 It is related to windows unquoted service path vulnerability in the
 installer that creates service path without quotes that make service.exe to
 look for undesirable path for executable.

 postgresql-9.3 service path : C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe runservice -N postgresql-9.3 -D C:/Users/asif/Desktop/Program files/9.3/data -w

 service.exe

 C:\Users\asif\Desktop\Program NAME NOT FOUND
 C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe NAME NOT FOUND
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data.exe NAME INVALID
 C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N postgresql-9.3 -D C:\Users\asif\Desktop\Program files\9.3\data -w NAME INVALID