HPE Community
Operating System - HP-UX
1830481 Members
2554 Online
110005 Solutions
New Discussion

HP/UX 11.X memory reuse

 
Randy Mikesell
Occasional Contributor

‎10-22-2004 02:50 AM

‎10-22-2004 02:50 AM

HP/UX 11.X memory reuse

When a process releases memory and that memory space is allocated to another process, is that portion of memory zeroed out or overwritten to prevent the new process from reading any data that was left behind by the previous process? Basically, does it comply to the Orange book object reuse requirements?

Thanks,

Randy
0 Kudos
Reply
4 REPLIES 4
Steven E. Protter
Exalted Contributor

‎10-22-2004 03:07 AM

‎10-22-2004 03:07 AM

Re: HP/UX 11.X memory reuse

The operating system is constantly doing lots of things that require memory.

Whether or not there is a specific erase of old memory, its volatile and will be re-allocated withing milliseconds.

I don't think this is a concern.

I think the allocation process of most programs is going to clear any values.

I also bet(nothing, but principle) that when a process gives up memory, its cleaned up.

I do however think it would be very interesting to test this.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Gary L. Paveza, Jr.
Trusted Contributor

‎10-22-2004 06:58 AM

‎10-22-2004 06:58 AM

Re: HP/UX 11.X memory reuse

If I recall correctly, it is not "cleaned". The pointers are just reset. We had an issue where COBOL programs were not correctly initializing variables and we were finding random characters in the memory spaces for these variables.

0 Kudos
Reply
Scot Bean
Honored Contributor

‎10-22-2004 07:03 AM

‎10-22-2004 07:03 AM

Re: HP/UX 11.X memory reuse

Here is an HP-UX security whitepaper that discuses this and other topics:

http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/hpux11isecuritywp.pdf

It states in section 3.2.7 that HP-UX meets the "Object Reuse" requirement.
0 Kudos
Reply
doug hosking
Esteemed Contributor

‎10-25-2004 12:59 AM

‎10-25-2004 12:59 AM

Re: HP/UX 11.X memory reuse

Randy, unlike some other operating systems, HP-UX goes to considerable trouble to avoid object reuse problems of this type. HP-UX 11.11 was formally certified against the Common Criteria Controlled Access Protection Profile, and the intent was certainly to comply with the Orange book object reuse requirements.

Memory from an exited process that is reallocated to another process will be initialized such that data does not leak BETWEEN processes. WITHIN a single process, memory that is reallocated (such as free() followed by malloc())
is NOT guaranteed to be initialized. It is up to individual programs to deal with that case, such as by using calloc instead of malloc.

The specific details get a bit messy because of some optimizations in the process, but with HP-UX you should never inherit junk from some unrelated process. If you ever do, please file a high severity defect report.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.