Fix uaf in ApplicationInstance.

mojo/shell/application_manager.cc

Index: mojo/shell/application_manager.cc
diff --git a/mojo/shell/application_manager.cc b/mojo/shell/application_manager.cc
index 899439275986e3570271f8d26364aa1a4e24ddd5..345351e85b1f396d80eb94b91e32205de8ea2fdc 100644
--- a/mojo/shell/application_manager.cc
+++ b/mojo/shell/application_manager.cc
@@ -185,7 +185,7 @@ bool ApplicationManager::ConnectToRunningApplication(
     CapabilityFilterPtr* filter) {
   GURL application_url = GetBaseURLAndQuery(resolved_url, nullptr);
   ApplicationInstance* instance =
-      GetApplicationInstance(application_url, qualifier);
+      GetApplicationInstance(Identity(application_url, qualifier));
   if (!instance)
     return false;
 
@@ -242,8 +242,9 @@ InterfaceRequest<Application> ApplicationManager::RegisterInstance(
         filter->filter.To<ApplicationInstance::CapabilityFilter>();
   }
   ApplicationInstance* instance = new ApplicationInstance(
-      application.Pass(), this, app_identity, capability_filter,
-      on_application_end);
+      application.Pass(), this,
+      originator ? originator->identity() : Identity(GURL()), app_identity,
+      capability_filter, on_application_end);
   identity_to_instance_[app_identity] = instance;
   instance->InitializeApplication();
   instance->ConnectToClient(originator, app_url, requestor_url, services.Pass(),
@@ -252,10 +253,8 @@ InterfaceRequest<Application> ApplicationManager::RegisterInstance(
 }
 
 ApplicationInstance* ApplicationManager::GetApplicationInstance(
-    const GURL& url,
-    const std::string& qualifier) {
-  const auto& instance_it =
-      identity_to_instance_.find(Identity(url, qualifier));
+    const Identity& identity) const {
+  const auto& instance_it = identity_to_instance_.find(identity);
   if (instance_it != identity_to_instance_.end())
     return instance_it->second;
   return nullptr;