Re: PostgreSQL Service on Windows does not start. ~ "is not a valid Win32 application"

Sandeep, can you look at this please? Thanks.

On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem <anaeem(dot)it(at)gmail(dot)com> wrote:
> It is related to windows unquoted service path vulnerability in the the
> installer that creates service path without quotes that make service.exe to
> look for undesirable path for executable.
>
> postgresql-9.3 service path : C:/Users/asif/Desktop/Program
> files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3" -D
> "C:/Users/asif/Desktop/Program files/9.3/data" -w
>
> service.exe
>>
>> C:\Users\asif\Desktop\Program NAME NOT FOUND
>> C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME
>> NOT FOUND
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe
>> NAME NOT FOUND
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> NAME NOT FOUND
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe
>> NAME NOT FOUND
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3".exe NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D.exe NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program.exe NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" NAME
>> INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data".exe
>> NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" -w
>> NAME INVALID
>> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N
>> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" -w.exe
>> NAME INVALID
>
>
> Fix :
>
> postgresql-9.3 service path : "C:/Users/asif/Desktop/Program
> files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3" -D
> "C:/Users/asif/Desktop/Program files/9.3/data" -w
>
> It would be good if this is reported on pg installer forum or security
> forum. Thanks.
>
> Regards,
> Asif Naeem
>
> On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
> <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> wrote:
>>
>> Hi, Asif.
>>
>> Thank you for response.
>>
>>
>> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D
>> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
>> > server starting
>>
>> This failure does not occur by the command line.
>> PostgreSQL needs to start by Windows Service.
>>
>> Additionally,In this case,
>> A file "Program" needs to be exist at "C:\Users\asif\Desktop\", and
>> "postgres.exe" needs to be exist at "C:\Users\asif\Desktop\Program
>> files\9.3\bin".
>> ------------
>> C:\Users\asif\Desktop\Program files\9.3\bin>dir
>> ...
>> 4,435,456 postgres.exe
>> 80,896 pg_ctl.exe
>> ...
>>
>> C:\Users\asif\Desktopp>dir
>> ...
>> 0 Program
>> <DIR> Program files
>> ...
>> ------------
>>
>> Regards,
>> Naoya
>>
>> > Hi Naoya,
>> >
>> > I am not able to reproduce the problem. Do you mean pg windows service
>> > installed by installer is not working or bin\pg_ctl binary is not accepting
>> > spaces in the patch ?. Following worked for me i.e.
>> >
>> >
>> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D
>> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
>> > server starting
>> >
>> >
>> > Can you please share the exact steps ?. Thanks.
>> >
>> >
>> > Regards,
>> > Muhammad Asif Naeem
>> >
>> >
>> >
>> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai
>> > <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> wrote:
>> >
>> >
>> > Hi All,
>> >
>> > I have found a case that PostgreSQL Service does not start.
>> > When it happens, the following error appears.
>> >
>> > "is not a valid Win32 application"
>> >
>> > This failure occurs when the following conditions are true.
>> >
>> > 1. There is "postgres.exe" in any directory that contains a space,
>> > such as "Program Files".
>> >
>> > e.g.)
>> > C:\Program Files\PostgreSQL\bin\postgres.exe
>> >
>> > 2. A file using the first white space-delimited
>> > tokens of that directory as the file name exists,
>> > and there is it in the same hierarchy.
>> >
>> > e.g.)
>> > C:\Program //file
>> >
>> > "pg_ctl.exe" as PostgreSQL Service creates a postgres
>> > process using an absolute path which indicates the
>> > location of "postgres.exe",but the path is not enclosed
>> > in quotation.
>> >
>> > Therefore,if the above-mentioned conditions are true,
>> > CreateProcessAsUser(a Windows Function called by pg_ctl.exe)
>> > tries to create a process using the other file such
>> > as "Program", so the service fails to start.
>> >
>> > Accordingly, I think that the command path should be
>> > enclosed in quotation.
>> >
>> > I created a patch to fix this failure,
>> > So could anyone confirm?
>> >
>> > Regards,
>> >
>> > Naoya
>> >
>> > ---
>> > Naoya Anzai
>> > Engineering Department
>> > NEC Soft, Ltd.
>> > E-Mail: anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp
>> > ---
>> >
>> >
>> > --
>> > Sent via pgsql-hackers mailing list (pgsql-hackers(at)postgresql(dot)org)
>> > To make changes to your subscription:
>> > http://www.postgresql.org/mailpref/pgsql-hackers
>> >
>> >
>> >
>> >
>> >
>>
>> 以上、よろしくお願い致します。
>>
>> --------------------------------------------------------
>> NECソフト株式会社
>> PFシステム事業部 テーマソフト開発G
>> 安西 直也
>>
>> 外線(03)5534-2353
>> 内線(8)57-40364
>> Mail:NES-N2363
>> E-mail:anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp
>> --------------------------------------------------------
>> ≪本メールの取り扱い≫
>> ・区分：秘密
>> ・開示：必要最小限で可
>> ・持出：禁止
>> ・期限：無期限
>> ・用済後：廃棄
>>
>>
>>

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company