For MIT/Apache it doesn’t matter. That’s always a problem with those free to use licenses you have a “good idea” who’s using it, but you never really can tell. It also creates a shit load of wasted improvements every time a company uses it, moth balls the project, but never pushes code upstream because why do that? \s So you sit back and hope that someone in the company feels a big enough moral drive or obligation to contribute their improvements up stream. But, how can you tell definitively? You can sometimes see it in the job descriptions they are hiring for, also I have had companies reach out out me personally for help. Many open source projects also will reach out and ask, and if they get the ok, will put it in the project description in order to encourage others companies to do the same. So why to companies bother? The funny thing about open source is that it lets people who like solving tough problems (the best type of engineers) know where the tough problems are being definitively solved, because here’s the code, and here’s the author from xyz company contributing and showing the rest of the world how it’s done. Often this will bring in engineers who are at the top of their game to these companies.
I really like this video, in it he demonstrates how a char pointer can be exploited to alter the return value in the stack and walks through an example of how it’s done. https://www.youtube.com/watch?v=1S0aBV-Waeo