I am currently investigating existing solutions for customizing compiled software and loading security patches to address CVEs and have come across this repository.
My focus is mostly on in-memory patching i.e. modifying the process while it's running to avoid expensive process restarts (like a database or in-memory cache like memcached, where recreating the memory contents is an expensive operation).
The aim is to make it easier to troubleshoot and address corner-cases with a secondary aspect in addressing CVEs.
I am wondering wthat the licensing of the code is to see if I should start from scratch or if some collaboration is possible.
Most of the code I'm encountering is either geared to writing exploits or seems to be at the PoC stage where licensing is not addressed in any way.
If the code was licensed, it would be easier to contribute back.
Considering this code seems to be part of a DARPA project, is it open source or does DARPA aim to use it for government-use only?
Hello,
I am currently investigating existing solutions for customizing compiled software and loading security patches to address CVEs and have come across this repository.
My focus is mostly on in-memory patching i.e. modifying the process while it's running to avoid expensive process restarts (like a database or in-memory cache like memcached, where recreating the memory contents is an expensive operation). The aim is to make it easier to troubleshoot and address corner-cases with a secondary aspect in addressing CVEs.
I am wondering wthat the licensing of the code is to see if I should start from scratch or if some collaboration is possible. Most of the code I'm encountering is either geared to writing exploits or seems to be at the PoC stage where licensing is not addressed in any way.
If the code was licensed, it would be easier to contribute back.
Considering this code seems to be part of a DARPA project, is it open source or does DARPA aim to use it for government-use only?
Thank you in advance for any information.