authorMonica Basta <msalama@chromium.org>2022-07-19 07:49:03 +0000
committerMichael BrĂ¼ning <michael.bruning@qt.io>2022-08-08 15:25:02 +0000
commitd750645e434057ae3d8426eed931fd48d32c1ed7 (patch)
tree88dd527baf444cbb68c8d6708f6e00be45765e82
parent577388738e0025c415606b97e82a88ff3f090357 (diff)
[Backport] CVE-2022-2614: Use after free in Sign-In Flow
Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/3770271: Use WeakPtr in AccountReconcilor to avoid UAF (cherry picked from commit f65ea3435ff2a10b4e1ce1f855863e8eaa127a04) Bug: 1341907 Change-Id: I14e8d263e3a5f073d61677fedd53c67395382742 Commit-Queue: David Roger <droger@chromium.org> Reviewed-by: David Roger <droger@chromium.org> Commit-Queue: Monica Basta <msalama@chromium.org> Cr-Original-Commit-Position: refs/heads/main@{#1022147} Reviewed-by: Monica Basta <msalama@chromium.org> Cr-Commit-Position: refs/branch-heads/5112@{#1011} Cr-Branched-From: b13d3fe7b3c47a56354ef54b221008afa754412e-refs/heads/main@{#1012729} Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-rw-r--r--chromium/components/signin/core/browser/account_reconcilor.cc2
1 files changed, 1 insertions, 1 deletions
diff --git a/chromium/components/signin/core/browser/account_reconcilor.cc b/chromium/components/signin/core/browser/account_reconcilor.cc
index 7e4dc75f045..a19f9646c5f 100644
--- a/chromium/components/signin/core/browser/account_reconcilor.cc
+++ b/chromium/components/signin/core/browser/account_reconcilor.cc
@@ -758,7 +758,7 @@ void AccountReconcilor::ScheduleStartReconcileIfChromeAccountsChanged() {
SetState(AccountReconcilorState::ACCOUNT_RECONCILOR_SCHEDULED);
base::ThreadTaskRunnerHandle::Get()->PostTask(
FROM_HERE, base::BindOnce(&AccountReconcilor::StartReconcile,
- base::Unretained(this),
+ weak_factory_.GetWeakPtr(),
Trigger::kTokenChangeDuringReconcile));
} else if (error_during_last_reconcile_.state() ==
GoogleServiceAuthError::NONE) {
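Review bot: The commit changes only this one bind in `ScheduleStartReconcileIfChromeAccountsChanged()` and adds no regression test (the diffstat shows one file, 1 insertion, 1 deletion), so nothing pins the lifetime fix. A unit test that schedules the reconcile, destroys the `AccountReconcilor`, and then drains the task queue would catch a regression back to `base::Unretained(this)`. I would also add a comment above the bind, e.g. `// Task may run after |this| is destroyed; the WeakPtr turns it into a no-op.`, and confirm in the header, which is not part of this diff, that `weak_factory_` is the last declared member so it is invalidated before the other members are torn down. The function body starts and ends outside the hunk, so any other `base::Unretained(this)` posts in this file should be checked for the same lifetime assumption.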