Sfvipplayerx64 Fixed
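#include <string.h>  /* strncpy_s, _TRUNCATE (MSVC CRT) */

void parse_subtitle(char *input)
{
    char buffer[256];
    /* Bounded copy: truncates to fit and always NUL-terminates */
    strncpy_s(buffer, sizeof(buffer), input, _TRUNCATE);
    buffer[255] = '\0';
    // ...
}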
Using a malformed .sfv file with an overly long artist tag (1000 'A's):
Original (expected):
Access violation writing location 0x41414141.
EIP corrupted → remote code execution possible.
Fixed:
Exception: stack cookie mismatch (0xDDDDDDDD)
Terminate called after throwing 'std::length_error'
Process exits cleanly – no code execution.
The fixed version is built with /GS stack cookies, which are checked in the function epilogue.
Original version (unfixed):
Fixed version:
The OCX did not embed an assembly manifest, causing it to load the wrong CRT version when multiple redistributables were present. The fix required side-by-side binding to Microsoft.VC90.CRT (VS2008) for legacy code.
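The bounded copy in parse_subtitle, run against the 1000-'A' artist tag from the test case, as an added example that is not code from the player: copy_tag and copy_long_tag are hypothetical helpers, and standard snprintf stands in for MSVC's strncpy_s so the block builds on any C99 compiler. It reports truncation, so the caller can reject the file.

```c
#include <stdio.h>
#include <string.h>

#define TAG_MAX 256   /* same size as buffer[256] in parse_subtitle */

/* Hypothetical helper, not from the player. Copies src into dst and
 * returns 0 if it fit, 1 if it was truncated, -1 on invalid arguments.
 * dst is NUL-terminated whenever dst_size > 0. */
int copy_tag(char *dst, size_t dst_size, const char *src)
{
    int needed;
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    /* snprintf writes at most dst_size - 1 bytes plus the NUL and
     * returns the length the full string would have needed. */
    needed = snprintf(dst, dst_size, "%s", src);
    if (needed < 0)
        return -1;
    return ((size_t)needed >= dst_size) ? 1 : 0;
}

/* Constructed input: the 1000-'A' artist tag from the test case.
 * Returns copy_tag's status and stores the kept length in *kept. */
int copy_long_tag(size_t *kept)
{
    char tag[1001];
    char buffer[TAG_MAX];
    int rc;
    memset(tag, 'A', sizeof(tag) - 1);
    tag[sizeof(tag) - 1] = '\0';
    rc = copy_tag(buffer, sizeof(buffer), tag);
    if (kept != NULL)
        *kept = strlen(buffer);
    return rc;
}

int main(void)
{
    size_t kept = 0;
    int rc = copy_long_tag(&kept);
    /* A parser should reject the file when rc != 0 rather than
     * continue with a silently shortened tag. */
    printf("status=%d kept=%zu\n", rc, kept);
    return rc == 1 ? 0 : 1;
}
```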
