Re: PostgreSQL Service on Windows does not start. ~ "is not a valid Win32 application"

So, this is not an installer issue. Is this bug raised to the PostgreSQL
community? If yes, you should submit the patch there.

On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai
<anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp>wrote:

> Hi, Asif
>
> Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.
>
> > Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
> code changes, can you please take a look ?. Thanks.
>
> I think your patch is not sufficient to fix.
> Not only "pg_ctl.exe" but "postgres.exe" also have the same problem.
> Even if your patch is attached,
> A Path of "postgres.exe" passed to CreateRestrictedProcess is not enclosed
> in quotation.(See pgwin32_ServiceMain at pg_ctl.c)
>
> So, processing enclosed in quotation should do in both conditions.
>
> Regards,
> Naoya
>
> ---
> Naoya Anzai
> Engineering Department
> NEC Soft, Ltd.
> E-Mail: anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp
> ---
>
>
> > Hi Sandeep,
> >
> > PFA Naoya's patch (pg_ctl.c.patch).
> >
> > Hi Naoya,
> >
> > Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
> code changes, can you please take a look ?. Thanks.
> >
> > Best Regards,
> > Asif Naeem
> >
> >
> > On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar <
> sandeep(dot)thakkar(at)enterprisedb(dot)com> wrote:
> >
> >
> > Hi Dave
> >
> > We register the service using pg_ctl. When I manually executed the
> following on the command prompt, I saw that the service path of the
> registered service did not have the pg_ctl.exe path in quotes. May be it
> should be handled in the pg_ctl code.
> >
> > c:\Users\Sandeep Thakkar\Documents>"c:\Program
> Files\PostgreSQL\9.3\bin\pg_ctl.e
> > xe" register -N "pg-9.3" -U "NT AUTHORITY\NetworkService" -D
> "c:\Program Files\P
> > ostgreSQL\9.3\data" -w
> >
> > Naoya, I could not find your patch here. Can you please share it
> again?
> >
> >
> >
> > On Mon, Oct 28, 2013 at 2:53 PM, Dave Page <dpage(at)pgadmin(dot)org>
> wrote:
> >
> >
> > Sandeep, can you look at this please? Thanks.
> >
> > On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem <
> anaeem(dot)it(at)gmail(dot)com> wrote:
> > > It is related to windows unquoted service path
> vulnerability in the the
> > > installer that creates service path without quotes that
> make service.exe to
> > > look for undesirable path for executable.
> > >
> > > postgresql-9.3 service path :
> C:/Users/asif/Desktop/Program
> > > files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3"
> -D
> > > "C:/Users/asif/Desktop/Program files/9.3/data" -w
> > >
> > > service.exe
> > >>
> > >> C:\Users\asif\Desktop\Program NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> ACCESS DENIED
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> ACCESS DENIED
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice NAME
> > >> NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice.exe
> > >> NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N.exe
> > >> NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3".exe NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D.exe NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program NAME
> INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program.exe
> NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" NAME
> > >> INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data".exe
> > >> NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" -w
> > >> NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" -w.exe
> > >> NAME INVALID
> > >
> > >
> > > Fix :
> > >
> > > postgresql-9.3 service path :
> "C:/Users/asif/Desktop/Program
> > > files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3"
> -D
> > > "C:/Users/asif/Desktop/Program files/9.3/data" -w
> > >
> > > It would be good if this is reported on pg installer
> forum or security
> > > forum. Thanks.
> > >
> > > Regards,
> > > Asif Naeem
> > >
> > > On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
> > > <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> wrote:
> > >>
> > >> Hi, Asif.
> > >>
> > >> Thank you for response.
> > >>
> > >>
> > >> > C:\Users\asif\Desktop\Program
> files\9.3>"bin\pg_ctl" -D
> > >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l
> logfile start
> > >> > server starting
> > >>
> > >> This failure does not occur by the command line.
> > >> PostgreSQL needs to start by Windows Service.
> > >>
> > >> Additionally,In this case,
> > >> A file "Program" needs to be exist at
> "C:\Users\asif\Desktop\", and
> > >> "postgres.exe" needs to be exist at
> "C:\Users\asif\Desktop\Program
> > >> files\9.3\bin".
> > >> ------------
> > >> C:\Users\asif\Desktop\Program files\9.3\bin>dir
> > >> ...
> > >> 4,435,456 postgres.exe
> > >> 80,896 pg_ctl.exe
> > >> ...
> > >>
> > >> C:\Users\asif\Desktopp>dir
> > >> ...
> > >> 0 Program
> > >> <DIR> Program files
> > >> ...
> > >> ------------
> > >>
> > >> Regards,
> > >> Naoya
> > >>
> > >> > Hi Naoya,
> > >> >
> > >> > I am not able to reproduce the problem. Do you mean
> pg windows service
> > >> > installed by installer is not working or bin\pg_ctl
> binary is not accepting
> > >> > spaces in the patch ?. Following worked for me i.e.
> > >> >
> > >> >
> > >> > C:\Users\asif\Desktop\Program
> files\9.3>"bin\pg_ctl" -D
> > >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l
> logfile start
> > >> > server starting
> > >> >
> > >> >
> > >> > Can you please share the exact steps ?. Thanks.
> > >> >
> > >> >
> > >> > Regards,
> > >> > Muhammad Asif Naeem
> > >> >
> > >> >
> > >> >
> > >> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai
> > >> > <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> wrote:
> > >> >
> > >> >
> > >> > Hi All,
> > >> >
> > >> > I have found a case that PostgreSQL Service
> does not start.
> > >> > When it happens, the following error appears.
> > >> >
> > >> > "is not a valid Win32 application"
> > >> >
> > >> > This failure occurs when the following
> conditions are true.
> > >> >
> > >> > 1. There is "postgres.exe" in any directory
> that contains a space,
> > >> > such as "Program Files".
> > >> >
> > >> > e.g.)
> > >> > C:\Program Files\PostgreSQL\bin\postgres.exe
> > >> >
> > >> > 2. A file using the first white space-delimited
> > >> > tokens of that directory as the file name
> exists,
> > >> > and there is it in the same hierarchy.
> > >> >
> > >> > e.g.)
> > >> > C:\Program //file
> > >> >
> > >> > "pg_ctl.exe" as PostgreSQL Service creates a
> postgres
> > >> > process using an absolute path which indicates
> the
> > >> > location of "postgres.exe",but the path is not
> enclosed
> > >> > in quotation.
> > >> >
> > >> > Therefore,if the above-mentioned conditions are
> true,
> > >> > CreateProcessAsUser(a Windows Function called
> by pg_ctl.exe)
> > >> > tries to create a process using the other file
> such
> > >> > as "Program", so the service fails to start.
> > >> >
> > >> > Accordingly, I think that the command path
> should be
> > >> > enclosed in quotation.
> > >> >
> > >> > I created a patch to fix this failure,
> > >> > So could anyone confirm?
> > >> >
> > >> > Regards,
> > >> >
> > >> > Naoya
> > >> >
> > >> > ---
> > >> > Naoya Anzai
> > >> > Engineering Department
> > >> > NEC Soft, Ltd.
> > >> > E-Mail: anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp
> > >> > ---
> > >> >
> > >> >
> > >> > --
> > >> > Sent via pgsql-hackers mailing list (
> pgsql-hackers(at)postgresql(dot)org)
> > >> > To make changes to your subscription:
> > >> >
> http://www.postgresql.org/mailpref/pgsql-hackers
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >>
> >
> >
> > --
> > Dave Page
> > Blog: http://pgsnake.blogspot.com
> > Twitter: @pgsnake
> >
> > EnterpriseDB UK: http://www.enterprisedb.com
> > The Enterprise PostgreSQL Company
> >
> >
> >
> >
> >
> > --
> >
> > Sandeep Thakkar
> > Senior Software Engineer
> >
> >
> > Phone: +91.20.30589505 <tel:%2B91.20.30589505>
> >
> > Website: www.enterprisedb.com
> > EnterpriseDB Blog: http://blogs.enterprisedb.com/
> > Follow us on Twitter: http://www.twitter.com/enterprisedb
> >
> >
> >
> >
> >
> >
>
>
>
>

--
Sandeep Thakkar
Senior Software Engineer

Phone: +91.20.30589505

Website: www.enterprisedb.com
EnterpriseDB Blog: http://blogs.enterprisedb.com/
Follow us on Twitter: http://www.twitter.com/enterprisedb