Re: BUG #16080: pg_ctl is failed if a fake cmd.exe exist in the current directory.

Juan José Santamaría Flecha <juanjo.santamaria@gmail.com>

From: Juan José Santamaría Flecha <juanjo.santamaria@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: cilizili@protonmail.com, pgsql-bugs@lists.postgresql.org
Date: 2019-10-27T10:07:31Z
Lists: pgsql-bugs

Attachments

On Sat, Oct 26, 2019 at 7:44 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:

> =?UTF-8?Q?Juan_Jos=C3=A9_Santamar=C3=ADa_Flecha?= <
> juanjo.santamaria@gmail.com> writes:
> > On Sat, Oct 26, 2019 at 5:20 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> >> Right, but does cmd.exe have a well-defined location in Windows?
> >> I don't think we can know which drive it's on, for starters.
>
> > The environment variable COMSPEC [1] should point to the right location.
>
> Hm.  I don't have any objection to using COMSPEC if it's set, but
> of course that changes nothing from a security perspective.  It's
> just a different route by which pg_ctl, pg_upgrade, etc can be
> misled.
>
>
The only impact this will have is finding the CMD executable directly,
without having to rely on CreateProcessAsUser() logic.

Please find attached a patch with this simple modification.

Regards,

Juan José Santamaría Flecha

Commits

  1. On Windows, use COMSPEC to find the location of cmd.exe.