From ae9b0bb884c8aabd15aa4edf2c3f7a77f3d5df21 Mon Sep 17 00:00:00 2001
From: Andrew Kane <andrew@ankane.org>
Date: Sun, 20 Apr 2025 18:56:22 -0700
Subject: [PATCH 1/2] Fix memory corruption with FFI backend

---
 lib/fiddle/ffi_backend.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/fiddle/ffi_backend.rb b/lib/fiddle/ffi_backend.rb
index 1ca27568..716e8b4a 100644
--- a/lib/fiddle/ffi_backend.rb
+++ b/lib/fiddle/ffi_backend.rb
@@ -240,7 +240,7 @@ def self.from_native(value, ctx)
     def self.to_ptr(value)
       if value.is_a?(String)
         cptr = Pointer.malloc(value.bytesize)
-        cptr.ffi_ptr.put_string(0, value)
+        cptr.ffi_ptr.put_bytes(0, value)
         cptr
 
       elsif value.is_a?(Array)

From ce19331eb3100a064b1e7a4d5ff7a0a12ce221f2 Mon Sep 17 00:00:00 2001
From: Andrew Kane <andrew@ankane.org>
Date: Sun, 20 Apr 2025 19:13:12 -0700
Subject: [PATCH 2/2] Fix to_s reading past size

---
 lib/fiddle/ffi_backend.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/fiddle/ffi_backend.rb b/lib/fiddle/ffi_backend.rb
index 716e8b4a..3a06983f 100644
--- a/lib/fiddle/ffi_backend.rb
+++ b/lib/fiddle/ffi_backend.rb
@@ -412,7 +412,7 @@ def to_s(len = nil)
       if len
         ffi_ptr.read_string(len)
       else
-        ffi_ptr.get_string(0)
+        ffi_ptr.get_string(0, @size)
       end
     rescue FFI::NullPointerError
       raise DLError.new("NULL pointer access")