Why my exe crashes exe?

[E1M1 8]

Ok I am trying to make script that prints text on my program by calling function. But I have quite strange problem.

When I call function like that:

CreateRemoteThread($hProcess, 0, "", 0x00401333,"something", 0, "")

I get:

Msg:(null)

But If I call my func like that:

$str = DllStructCreate("char[255]")
DllStructSetData($str,1,"test")
CreateRemoteThread($hProcess, 0, "", 0x00401333,DllStructGetPtr($str,1), 0, "")

Then my exe crashes.

http://msdn.microsoft.com/en-us/library/ms682437%28VS.85%29.aspx says:

lpParameter [in]

A pointer to a variable to be passed to the thread function

So pointer means that I have to use DllStructGetPtr($str,1). right?

Does anyone know how to call function 0x00401333 with string parameter so that exe won't crash?

#include <WinAPI.au3>

$hProcess = _WinAPI_OpenProcess(0x001F0FFF,false,ProcessExists("simple.exe"))
$str = DllStructCreate("char[255]")
DllStructSetData($str,1,"test")
CreateRemoteThread($hProcess, 0, "", 0x00401333,DllStructGetPtr($str,1), 0, "")

Func CreateRemoteThread($hProcess, $lpThreadAttributes, $dwStackSize, $lpStartAddress, $lpParameter, $dwCreationFlags, $lpThreadId)
    Return DllCall("Kernel32.dll", "ptr", "CreateRemoteThread", _
            "ptr", $hProcess, _
            "ptr", $lpThreadAttributes, _
            "uint", $dwStackSize, _
            "ptr", $lpStartAddress, _
            "ptr", $lpParameter, _
            "dword", $dwCreationFlags, _
            "ptr", $lpThreadId)
EndFunc   ;==>VirtualFreeEx

That's src of my exe

#include <stdio.h>
void say(char msg[255])
{
    printf("Msg:%s\n",msg);
}
int main(){while (1==1){char str[255];printf("Type message and press ENTER.\n\n");scanf("%s",str);say(str);}return 0;}