Commit 1e70d63a authored by Daniel Vrátil

Create AgePostingSource on heap

There was an undocumented behaviour change in Xapian 1.4 where
Xapian::Query() no longer internally creates a clone of the
PostingResource that we pass to it and instead takes a (shared)
ownership of the pointer that is then re-used later while
the actual query is being executed, which means that the
PostingResource must live at least until the query execution
is finished.

We were creating the AgePostingSource on stack, which led to
use-after-free in Xapian 1.4.

BUG: 363741
FIXED-IN: 5.3.2
parent 0400a0b1
......@@ -117,7 +117,6 @@ QString EmailSearchStore::text(int queryId)
Xapian::Query EmailSearchStore::finalizeQuery(const Xapian::Query &query)
AgePostingSource ps(0);
return Xapian::Query(Xapian::Query::OP_AND_MAYBE, query, Xapian::Query(&ps));
return Xapian::Query(Xapian::Query::OP_AND_MAYBE, query, Xapian::Query(new AgePostingSource(0)));
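Review bot: The bare `new AgePostingSource(0)` in the return statement of finalizeQuery() leaves ownership undocumented at the call site. Nothing in the hunk shows who deletes the object. The commit message says Xapian 1.4 takes (shared) ownership of the pointer, so a short comment above the return stating that Xapian::Query is expected to free the source, and from which Xapian version, would keep a later reader from "fixing" this back to a stack object and reintroducing the use-after-free. If the code still has to build against a Xapian that clones the source internally, as the message describes for pre-1.4 behaviour, this line would allocate one AgePostingSource per call that is never freed. Please confirm the minimum supported Xapian version or guard the allocation accordingly.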
