Bug 1347657 - Use array entry as value instead of reference to avoid being invalidated by realloc. r=francois

nsTArray::AppendElement may cause memory reallocation if out of capacity.
In nsUrlClassifierStreamUpdater::FetchNextRequest(), we take the reference of
the first element of mPendingRequests and pass its member as reference to
DownloadUpdate(), where mPendingRequests.AppendElement will be called.
If the AppendElement in DownloadUpdate() causes realloc, the reference
becomes dangling.

The most efficient fix is to "move" the reference's (i.e. request)
member variables to DownloadUpdate() but I think in this case we can just
take the value from the array and pass it around with no given that the
array element contains simply a couple of strings and pointers.

MozReview-Commit-ID: KEZ5d3l3HoI

UltraBlame original commit: 2d4a86ef46e9b45b516165ff624068fbcc4493ce

Author: marco-c

toolkit/components/url-classifier/nsUrlClassifierStreamUpdater.cpp

@@ -2503,14 +2503,20 @@ NS_OK
 ;
 }
 PendingRequest
-&
 request
 =
 mPendingRequests
 [
 0
 ]
 ;
+mPendingRequests
+.
+RemoveElementAt
+(
+0
+)
+;
 LOG
 (
 (
@@ -2574,31 +2580,6 @@ mDownloadErrorCallback
 dummy
 )
 ;
-request
-.
-mSuccessCallback
-=
-nullptr
-;
-request
-.
-mUpdateErrorCallback
-=
-nullptr
-;
-request
-.
-mDownloadErrorCallback
-=
-nullptr
-;
-mPendingRequests
-.
-RemoveElementAt
-(
-0
-)
-;
 return
 NS_OK
 ;