From da0f931b90833c7f706ace24b0c9dff2672f1e97 Mon Sep 17 00:00:00 2001
From: Thomas Hellstrom <thellstrom@vmware.com>
Date: Wed, 8 Sep 2010 09:57:35 +0200
Subject: [PATCH] vmwlegacy: Fix a segfault in vmwareCursorCloseScreen.

The segfault occured because the named function was using resources that
were already taken down, because VMWARECloseScreen was called very late
in the CloseScreen callchain.

Make sure we wrap the CloseScreen pointers late in ScreenInit to avoid this.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
---
 src/vmware.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/vmware.c b/src/vmware.c
index a4e4d08..ed31b02 100644
--- a/src/vmware.c
+++ b/src/vmware.c
@@ -1748,12 +1748,9 @@ VMWAREScreenInit(int scrnIndex, ScreenPtr pScreen, int argc, char **argv)
     fbPictureInit (pScreen, 0, 0);
 
     /*
-     * Save the old screen vector, then wrap CloseScreen and
-     * set SaveScreen.
+     * Save the old screen vector.
      */
     pVMWARE->ScrnFuncs = *pScreen;
-    pScreen->CloseScreen = VMWARECloseScreen;
-    pScreen->SaveScreen = VMWARESaveScreen;
 
     /*
      * Set initial black & white colourmap indices.
@@ -1864,6 +1861,17 @@ VMWAREScreenInit(int scrnIndex, ScreenPtr pScreen, int argc, char **argv)
         }
     }
 
+    /**
+     * Wrap CloseScreen and SaveScreen. Do this late since we
+     * want to be first in the callchain, to avoid using resources
+     * already taken down in CloseScreen.
+     */
+
+    pVMWARE->ScrnFuncs.CloseScreen = pScreen->CloseScreen;
+    pVMWARE->ScrnFuncs.SaveScreen = pScreen->SaveScreen;
+
+    pScreen->CloseScreen = VMWARECloseScreen;
+    pScreen->SaveScreen = VMWARESaveScreen;
 
     /* Done */
     return TRUE;
-- 
2.7.4