variable.c: avoid out of bound write in generic_field_set

[Bug #21445]

Author: byroot

test/ruby/test_object_id.rb

@@ -115,6 +115,14 @@ def test_marshal_with_id_and_ivar_and_frozen
     assert_equal 42, copy.instance_variable_get(:@foo)
     refute_predicate copy, :frozen?
   end
+
+  def test_object_id_need_resize
+    (3 - @obj.instance_variables.size).times do |i|
+      @obj.instance_variable_set("@a_#{i}", "[Bug #21445]")
+    end
+    @obj.object_id
+    GC.start
+  end
 end
 
 class TestObjectIdClass < TestObjectId

variable.c

@@ -1922,7 +1922,7 @@ generic_field_set(VALUE obj, shape_id_t target_shape_id, VALUE val)
     else {
         attr_index_t index = RSHAPE_INDEX(target_shape_id);
         if (index >= RSHAPE_CAPACITY(current_shape_id)) {
-            fields_obj = rb_imemo_fields_new(rb_obj_class(obj), index);
+            fields_obj = rb_imemo_fields_new(rb_obj_class(obj), RSHAPE_CAPACITY(target_shape_id));
             if (original_fields_obj) {
                 attr_index_t fields_count = RSHAPE_LEN(current_shape_id);
                 VALUE *fields = rb_imemo_fields_ptr(fields_obj);