Fix UAF in smb_client::MDnsHostLocator

MDnsTransaction keeps a pointer to MDnsClient and accessed it on
destruction. Therefore, it needs to be destroyed before MDnsClient.

On the same note, destroy MDnsClient before MDnsSocketFactory because
MDnsClient uses MDnsSocketFactory. This isn't strictly necessary, but
keeping dependency order helps to prevent future UAF bugs.

BUG=929467

Change-Id: I22af0ffa91b5bc2ce6533a8c0d85bfa351e8e9e4
Reviewed-on: https://chromium-review.googlesource.com/c/1459861Reviewed-by: Bailey Berro <baileyberro@chromium.org>
Commit-Queue: Anand Mistry <amistry@chromium.org>
Cr-Commit-Position: refs/heads/master@{#630167}

chrome/browser/chromeos/smb_client/discovery/mdns_host_locator.h

@@ -90,9 +90,9 @@ class MDnsHostLocator : public HostLocator,
   std::vector<std::string> services_;
   HostMap results_;
 
-  std::vector<std::unique_ptr<net::MDnsTransaction>> transactions_;
-  std::unique_ptr<net::MDnsClient> mdns_client_;
   std::unique_ptr<net::MDnsSocketFactory> socket_factory_;
+  std::unique_ptr<net::MDnsClient> mdns_client_;
+  std::vector<std::unique_ptr<net::MDnsTransaction>> transactions_;
 
   DISALLOW_COPY_AND_ASSIGN(MDnsHostLocator);
 };