From: | Sandeep Thakkar <sandeep(dot)thakkar(at)enterprisedb(dot)com> |
---|---|
To: | Naoya Anzai <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> |
Cc: | Asif Naeem <asif(dot)naeem(at)enterprisedb(dot)com>, Dave Page <dpage(at)pgadmin(dot)org>, Asif Naeem <anaeem(dot)it(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, Akio Iwaasa <iwaasa(at)mxs(dot)nes(dot)nec(dot)co(dot)jp> |
Subject: | Re: PostgreSQL Service on Windows does not start. ~ "is not a valid Win32 application" |
Date: | 2013-10-29 04:57:30 |
Message-ID: | CANFyU96ZBqGMXT9F+8dOWoQ2NwcomY4U67d3LMNHOxBL3676Eg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
So, this is not an installer issue. Is this bug raised to the PostgreSQL
community? If yes, you should submit the patch there.
On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai
<anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp>wrote:
> Hi, Asif
>
> Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.
>
> > Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
> code changes, can you please take a look ?. Thanks.
>
> I think your patch is not sufficient to fix.
> Not only "pg_ctl.exe" but "postgres.exe" also have the same problem.
> Even if your patch is attached,
> A Path of "postgres.exe" passed to CreateRestrictedProcess is not enclosed
> in quotation.(See pgwin32_ServiceMain at pg_ctl.c)
>
> So, processing enclosed in quotation should do in both conditions.
>
> Regards,
> Naoya
>
> ---
> Naoya Anzai
> Engineering Department
> NEC Soft, Ltd.
> E-Mail: anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp
> ---
>
>
> > Hi Sandeep,
> >
> > PFA Naoya's patch (pg_ctl.c.patch).
> >
> > Hi Naoya,
> >
> > Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
> code changes, can you please take a look ?. Thanks.
> >
> > Best Regards,
> > Asif Naeem
> >
> >
> > On Mon, Oct 28, 2013 at 4:46 PM, Sandeep Thakkar <
> sandeep(dot)thakkar(at)enterprisedb(dot)com> wrote:
> >
> >
> > Hi Dave
> >
> > We register the service using pg_ctl. When I manually executed the
> following on the command prompt, I saw that the service path of the
> registered service did not have the pg_ctl.exe path in quotes. May be it
> should be handled in the pg_ctl code.
> >
> > c:\Users\Sandeep Thakkar\Documents>"c:\Program
> Files\PostgreSQL\9.3\bin\pg_ctl.e
> > xe" register -N "pg-9.3" -U "NT AUTHORITY\NetworkService" -D
> "c:\Program Files\P
> > ostgreSQL\9.3\data" -w
> >
> > Naoya, I could not find your patch here. Can you please share it
> again?
> >
> >
> >
> > On Mon, Oct 28, 2013 at 2:53 PM, Dave Page <dpage(at)pgadmin(dot)org>
> wrote:
> >
> >
> > Sandeep, can you look at this please? Thanks.
> >
> > On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem <
> anaeem(dot)it(at)gmail(dot)com> wrote:
> > > It is related to windows unquoted service path
> vulnerability in the the
> > > installer that creates service path without quotes that
> make service.exe to
> > > look for undesirable path for executable.
> > >
> > > postgresql-9.3 service path :
> C:/Users/asif/Desktop/Program
> > > files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3"
> -D
> > > "C:/Users/asif/Desktop/Program files/9.3/data" -w
> > >
> > > service.exe
> > >>
> > >> C:\Users\asif\Desktop\Program NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> ACCESS DENIED
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> ACCESS DENIED
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice NAME
> > >> NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice.exe
> > >> NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N.exe
> > >> NAME NOT FOUND
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3".exe NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D.exe NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program NAME
> INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program.exe
> NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" NAME
> > >> INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data".exe
> > >> NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" -w
> > >> NAME INVALID
> > >> C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe
> runservice -N
> > >> "postgresql-9.3" -D "C:\Users\asif\Desktop\Program
> files\9.3\data" -w.exe
> > >> NAME INVALID
> > >
> > >
> > > Fix :
> > >
> > > postgresql-9.3 service path :
> "C:/Users/asif/Desktop/Program
> > > files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3"
> -D
> > > "C:/Users/asif/Desktop/Program files/9.3/data" -w
> > >
> > > It would be good if this is reported on pg installer
> forum or security
> > > forum. Thanks.
> > >
> > > Regards,
> > > Asif Naeem
> > >
> > > On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai
> > > <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> wrote:
> > >>
> > >> Hi, Asif.
> > >>
> > >> Thank you for response.
> > >>
> > >>
> > >> > C:\Users\asif\Desktop\Program
> files\9.3>"bin\pg_ctl" -D
> > >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l
> logfile start
> > >> > server starting
> > >>
> > >> This failure does not occur by the command line.
> > >> PostgreSQL needs to start by Windows Service.
> > >>
> > >> Additionally,In this case,
> > >> A file "Program" needs to be exist at
> "C:\Users\asif\Desktop\", and
> > >> "postgres.exe" needs to be exist at
> "C:\Users\asif\Desktop\Program
> > >> files\9.3\bin".
> > >> ------------
> > >> C:\Users\asif\Desktop\Program files\9.3\bin>dir
> > >> ...
> > >> 4,435,456 postgres.exe
> > >> 80,896 pg_ctl.exe
> > >> ...
> > >>
> > >> C:\Users\asif\Desktopp>dir
> > >> ...
> > >> 0 Program
> > >> <DIR> Program files
> > >> ...
> > >> ------------
> > >>
> > >> Regards,
> > >> Naoya
> > >>
> > >> > Hi Naoya,
> > >> >
> > >> > I am not able to reproduce the problem. Do you mean
> pg windows service
> > >> > installed by installer is not working or bin\pg_ctl
> binary is not accepting
> > >> > spaces in the patch ?. Following worked for me i.e.
> > >> >
> > >> >
> > >> > C:\Users\asif\Desktop\Program
> files\9.3>"bin\pg_ctl" -D
> > >> > "C:\Users\asif\Desktop\Program files\9.3\data1" -l
> logfile start
> > >> > server starting
> > >> >
> > >> >
> > >> > Can you please share the exact steps ?. Thanks.
> > >> >
> > >> >
> > >> > Regards,
> > >> > Muhammad Asif Naeem
> > >> >
> > >> >
> > >> >
> > >> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai
> > >> > <anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp> wrote:
> > >> >
> > >> >
> > >> > Hi All,
> > >> >
> > >> > I have found a case that PostgreSQL Service
> does not start.
> > >> > When it happens, the following error appears.
> > >> >
> > >> > "is not a valid Win32 application"
> > >> >
> > >> > This failure occurs when the following
> conditions are true.
> > >> >
> > >> > 1. There is "postgres.exe" in any directory
> that contains a space,
> > >> > such as "Program Files".
> > >> >
> > >> > e.g.)
> > >> > C:\Program Files\PostgreSQL\bin\postgres.exe
> > >> >
> > >> > 2. A file using the first white space-delimited
> > >> > tokens of that directory as the file name
> exists,
> > >> > and there is it in the same hierarchy.
> > >> >
> > >> > e.g.)
> > >> > C:\Program //file
> > >> >
> > >> > "pg_ctl.exe" as PostgreSQL Service creates a
> postgres
> > >> > process using an absolute path which indicates
> the
> > >> > location of "postgres.exe",but the path is not
> enclosed
> > >> > in quotation.
> > >> >
> > >> > Therefore,if the above-mentioned conditions are
> true,
> > >> > CreateProcessAsUser(a Windows Function called
> by pg_ctl.exe)
> > >> > tries to create a process using the other file
> such
> > >> > as "Program", so the service fails to start.
> > >> >
> > >> > Accordingly, I think that the command path
> should be
> > >> > enclosed in quotation.
> > >> >
> > >> > I created a patch to fix this failure,
> > >> > So could anyone confirm?
> > >> >
> > >> > Regards,
> > >> >
> > >> > Naoya
> > >> >
> > >> > ---
> > >> > Naoya Anzai
> > >> > Engineering Department
> > >> > NEC Soft, Ltd.
> > >> > E-Mail: anzai-naoya(at)mxu(dot)nes(dot)nec(dot)co(dot)jp
> > >> > ---
> > >> >
> > >> >
> > >> > --
> > >> > Sent via pgsql-hackers mailing list (
> pgsql-hackers(at)postgresql(dot)org)
> > >> > To make changes to your subscription:
> > >> >
> http://www.postgresql.org/mailpref/pgsql-hackers
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >>
> >
> >
> > --
> > Dave Page
> > Blog: http://pgsnake.blogspot.com
> > Twitter: @pgsnake
> >
> > EnterpriseDB UK: http://www.enterprisedb.com
> > The Enterprise PostgreSQL Company
> >
> >
> >
> >
> >
> > --
> >
> > Sandeep Thakkar
> > Senior Software Engineer
> >
> >
> > Phone: +91.20.30589505 <tel:%2B91.20.30589505>
> >
> > Website: www.enterprisedb.com
> > EnterpriseDB Blog: http://blogs.enterprisedb.com/
> > Follow us on Twitter: http://www.twitter.com/enterprisedb
> >
> >
> >
> >
> >
> >
>
>
>
>
--
Sandeep Thakkar
Senior Software Engineer
Phone: +91.20.30589505
Website: www.enterprisedb.com
EnterpriseDB Blog: http://blogs.enterprisedb.com/
Follow us on Twitter: http://www.twitter.com/enterprisedb
From | Date | Subject | |
---|---|---|---|
Next Message | Amit Kapila | 2013-10-29 05:08:42 | Re: tracking commit timestamps |
Previous Message | Craig Ringer | 2013-10-29 04:53:23 | Prototype row-security write trigger |