Re: PostgreSQL Service on Windows does not start. ~ "is not a valid Win32 application" - Mailing list pgsql-hackers
| From | Asif Naeem |
|---|---|
| Subject | Re: PostgreSQL Service on Windows does not start. ~ "is not a valid Win32 application" |
| Date | |
| Msg-id | CAEB4t-MF9=tcjwTP55-3Fk62RZ1s2OQk6D5Ap22Tto34SiZKow@mail.gmail.com Whole thread Raw |
| In response to | Re: PostgreSQL Service on Windows does not start. ~ "is not a valid Win32 application" (Naoya Anzai <anzai-naoya@mxu.nes.nec.co.jp>) |
| Responses |
Re: PostgreSQL Service on Windows does not start. ~ "is not
a valid Win32 application"
(Dave Page <dpage@pgadmin.org>)
|
| List | pgsql-hackers |
It is related to windows unquoted service path vulnerability in the the installer that creates service path without quotes that make service.exe to look for undesirable path for executable.
postgresql-9.3 service path : C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3" -D "C:/Users/asif/Desktop/Program files/9.3/data" -w
Fix :
postgresql-9.3 service path : "C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3" -D "C:/Users/asif/Desktop/Program files/9.3/data" -w
On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai <anzai-naoya@mxu.nes.nec.co.jp> wrote:
>
> Hi, Asif.
>
> Thank you for response.
>
>
> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
> > server starting
>
> This failure does not occur by the command line.
> PostgreSQL needs to start by Windows Service.
>
> Additionally,In this case,
> A file "Program" needs to be exist at "C:\Users\asif\Desktop\", and
> "postgres.exe" needs to be exist at "C:\Users\asif\Desktop\Program files\9.3\bin".
> ------------
> C:\Users\asif\Desktop\Program files\9.3\bin>dir
> ...
> 4,435,456 postgres.exe
> 80,896 pg_ctl.exe
> ...
>
> C:\Users\asif\Desktopp>dir
> ...
> 0 Program
> <DIR> Program files
> ...
> ------------
>
> Regards,
> Naoya
>
> > Hi Naoya,
> >
> > I am not able to reproduce the problem. Do you mean pg windows service installed by installer is not working or bin\pg_ctl binary is not accepting spaces in the patch ?. Following worked for me i.e.
> >
> >
> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
> > server starting
> >
> >
> > Can you please share the exact steps ?. Thanks.
> >
> >
> > Regards,
> > Muhammad Asif Naeem
> >
> >
> >
> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai <anzai-naoya@mxu.nes.nec.co.jp> wrote:
> >
> >
> > Hi All,
> >
> > I have found a case that PostgreSQL Service does not start.
> > When it happens, the following error appears.
> >
> > "is not a valid Win32 application"
> >
> > This failure occurs when the following conditions are true.
> >
> > 1. There is "postgres.exe" in any directory that contains a space,
> > such as "Program Files".
> >
> > e.g.)
> > C:\Program Files\PostgreSQL\bin\postgres.exe
> >
> > 2. A file using the first white space-delimited
> > tokens of that directory as the file name exists,
> > and there is it in the same hierarchy.
> >
> > e.g.)
> > C:\Program //file
> >
> > "pg_ctl.exe" as PostgreSQL Service creates a postgres
> > process using an absolute path which indicates the
> > location of "postgres.exe",but the path is not enclosed
> > in quotation.
> >
> > Therefore,if the above-mentioned conditions are true,
> > CreateProcessAsUser(a Windows Function called by pg_ctl.exe)
> > tries to create a process using the other file such
> > as "Program", so the service fails to start.
> >
> > Accordingly, I think that the command path should be
> > enclosed in quotation.
> >
> > I created a patch to fix this failure,
> > So could anyone confirm?
> >
> > Regards,
> >
> > Naoya
> >
> > ---
> > Naoya Anzai
> > Engineering Department
> > NEC Soft, Ltd.
> > E-Mail: anzai-naoya@mxu.nes.nec.co.jp
> > ---
> >
> >
> > --
> > Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
> > To make changes to your subscription:
> > http://www.postgresql.org/mailpref/pgsql-hackers
> >
> >
> >
> >
> >
>
> 以上、よろしくお願い致します。
>
> --------------------------------------------------------
> NECソフト株式会社
> PFシステム事業部 テーマソフト開発G
> 安西 直也
>
> 外線(03)5534-2353
> 内線(8)57-40364
> Mail:NES-N2363
> E-mail:anzai-naoya@mxu.nes.nec.co.jp
> --------------------------------------------------------
> ≪本メールの取り扱い≫
> ・区分:秘密
> ・開示:必要最小限で可
> ・持出:禁止
> ・期限:無期限
> ・用済後:廃棄
>
>
>
postgresql-9.3 service path : C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe runservice -N "postgresql-9.3" -D "C:/Users/asif/Desktop/Program files/9.3/data" -w
service.exe
C:\Users\asif\Desktop\Program NAME NOT FOUND
C:\Users\asif\Desktop\Program.exe NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe ACCESS DENIED
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice.exe NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N.exe NAME NOT FOUND
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3".exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D.exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D "C:\Users\asif\Desktop\Program NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D "C:\Users\asif\Desktop\Program.exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data".exe NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" -w NAME INVALID
C:\Users\asif\Desktop\Program files\9.3\bin\pg_ctl.exe runservice -N "postgresql-9.3" -D "C:\Users\asif\Desktop\Program files\9.3\data" -w.exe NAME INVALID
postgresql-9.3 service path : "C:/Users/asif/Desktop/Program files/9.3/bin/pg_ctl.exe" runservice -N "postgresql-9.3" -D "C:/Users/asif/Desktop/Program files/9.3/data" -w
It would be good if this is reported on pg installer forum or security forum. Thanks.
Regards,
Asif Naeem
On Mon, Oct 28, 2013 at 12:06 PM, Naoya Anzai <anzai-naoya@mxu.nes.nec.co.jp> wrote:
>
> Hi, Asif.
>
> Thank you for response.
>
>
> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
> > server starting
>
> This failure does not occur by the command line.
> PostgreSQL needs to start by Windows Service.
>
> Additionally,In this case,
> A file "Program" needs to be exist at "C:\Users\asif\Desktop\", and
> "postgres.exe" needs to be exist at "C:\Users\asif\Desktop\Program files\9.3\bin".
> ------------
> C:\Users\asif\Desktop\Program files\9.3\bin>dir
> ...
> 4,435,456 postgres.exe
> 80,896 pg_ctl.exe
> ...
>
> C:\Users\asif\Desktopp>dir
> ...
> 0 Program
> <DIR> Program files
> ...
> ------------
>
> Regards,
> Naoya
>
> > Hi Naoya,
> >
> > I am not able to reproduce the problem. Do you mean pg windows service installed by installer is not working or bin\pg_ctl binary is not accepting spaces in the patch ?. Following worked for me i.e.
> >
> >
> > C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
> > server starting
> >
> >
> > Can you please share the exact steps ?. Thanks.
> >
> >
> > Regards,
> > Muhammad Asif Naeem
> >
> >
> >
> > On Mon, Oct 28, 2013 at 10:26 AM, Naoya Anzai <anzai-naoya@mxu.nes.nec.co.jp> wrote:
> >
> >
> > Hi All,
> >
> > I have found a case that PostgreSQL Service does not start.
> > When it happens, the following error appears.
> >
> > "is not a valid Win32 application"
> >
> > This failure occurs when the following conditions are true.
> >
> > 1. There is "postgres.exe" in any directory that contains a space,
> > such as "Program Files".
> >
> > e.g.)
> > C:\Program Files\PostgreSQL\bin\postgres.exe
> >
> > 2. A file using the first white space-delimited
> > tokens of that directory as the file name exists,
> > and there is it in the same hierarchy.
> >
> > e.g.)
> > C:\Program //file
> >
> > "pg_ctl.exe" as PostgreSQL Service creates a postgres
> > process using an absolute path which indicates the
> > location of "postgres.exe",but the path is not enclosed
> > in quotation.
> >
> > Therefore,if the above-mentioned conditions are true,
> > CreateProcessAsUser(a Windows Function called by pg_ctl.exe)
> > tries to create a process using the other file such
> > as "Program", so the service fails to start.
> >
> > Accordingly, I think that the command path should be
> > enclosed in quotation.
> >
> > I created a patch to fix this failure,
> > So could anyone confirm?
> >
> > Regards,
> >
> > Naoya
> >
> > ---
> > Naoya Anzai
> > Engineering Department
> > NEC Soft, Ltd.
> > E-Mail: anzai-naoya@mxu.nes.nec.co.jp
> > ---
> >
> >
> > --
> > Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
> > To make changes to your subscription:
> > http://www.postgresql.org/mailpref/pgsql-hackers
> >
> >
> >
> >
> >
>
> 以上、よろしくお願い致します。
>
> --------------------------------------------------------
> NECソフト株式会社
> PFシステム事業部 テーマソフト開発G
> 安西 直也
>
> 外線(03)5534-2353
> 内線(8)57-40364
> Mail:NES-N2363
> E-mail:anzai-naoya@mxu.nes.nec.co.jp
> --------------------------------------------------------
> ≪本メールの取り扱い≫
> ・区分:秘密
> ・開示:必要最小限で可
> ・持出:禁止
> ・期限:無期限
> ・用済後:廃棄
>
>
>
pgsql-hackers by date: