Reland "[Fast Pair] Prevent invalid iterators when removing expired devices"

This is a reland of commit 6b6ced5
This change fixes the global buffer overflow by explicitly saying
the test address bytes size is 6.

Original change's description:
> [Fast Pair] Prevent invalid iterators when removing expired devices
>
> When iterating over the list of devices, we want to also remove from
> this list, however this can invalidate the iterator we are using to
> parse over them. This change uses the classic approach of loop over
> the map and collect the keys you want to remove in the vector, the
> loop over the vector and removes them.
>
> tested on DUT that retroactive pairing and removing expired devices
> works as expected.
>
> Test: Recreated the crash with unit tests and verified it works,
> Fixed: b/266753250
> Change-Id: If1e36070facf5d599b248d29ed944bc581668a05
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4195321
> Reviewed-by: Daniel Classon <dclasson@google.com>
> Commit-Queue: Juliet Lévesque <julietlevesque@google.com>
> Cr-Commit-Position: refs/heads/main@{#1097185}

Change-Id: I71be79695548f7caf930219196c49201bd35f064
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4197855
Commit-Queue: Juliet Lévesque <julietlevesque@google.com>
Reviewed-by: Daniel Classon <dclasson@google.com>
Cr-Commit-Position: refs/heads/main@{#1097447}

Author: julietlevesque

ash/quick_pair/pairing/retroactive_pairing_detector_impl.cc

@@ -491,6 +491,7 @@ void RetroactivePairingDetectorImpl::RemoveDeviceInformation(
 
 void RetroactivePairingDetectorImpl::RemoveDeviceInformationHelper(
     const std::string& device_address) {
+  QP_LOG(INFO) << __func__;
   potential_retroactive_addresses_.erase(device_address);
   device_pairing_information_.erase(device_address);
 
@@ -511,15 +512,20 @@ void RetroactivePairingDetectorImpl::
   // `CheckPairingInformation` if it has exceeded the allotted time for
   // detecting the scenario (kDetectRetroactiveScenarioTimeout). We clean up
   // these devices here.
+  std::vector<std::string> devices_to_remove;
   for (auto it = device_pairing_information_.begin();
        it != device_pairing_information_.end(); ++it) {
     if (base::Time::Now() >= it->second.expiry_timestamp) {
-      QP_LOG(VERBOSE) << __func__ << ": Removing device at " << it->first
-                      << "that has exceeded the time allotted for detecting "
-                         "retroactive scenario.";
-      RemoveDeviceInformationHelper(it->first);
+      devices_to_remove.push_back(it->first);
     }
   }
+
+  for (std::string device_address : devices_to_remove) {
+    QP_LOG(VERBOSE) << __func__ << ": Removing device at " << device_address
+                    << "that has exceeded the time allotted for detecting "
+                       "retroactive scenario.";
+    RemoveDeviceInformationHelper(device_address);
+  }
 }
 
 void RetroactivePairingDetectorImpl::OnPairFailure(scoped_refptr<Device> device,

ash/quick_pair/pairing/retroactive_pairing_detector_unittest.cc

@@ -43,12 +43,16 @@
 namespace {
 
 constexpr base::TimeDelta kRetroactiveDevicePairingTimeout = base::Seconds(60);
-constexpr char kTestDeviceAddress[] = "11:12:13:14:15:16";
 constexpr char kTestDeviceAddress2[] = "11:12:13:14:15:17";
 constexpr char kTestBleDeviceName[] = "Test Device Name";
 constexpr char kValidModelId[] = "718c17";
 const std::string kUserEmail = "test@test.test";
 
+// Expect no crash with invalid UTF-8 strings as device address.
+constexpr char kTestDeviceAddress[6] = {
+    static_cast<char>(0xFE), static_cast<char>(0xFE), static_cast<char>(0xFF),
+    static_cast<char>(0xFF), static_cast<char>(0xFF), static_cast<char>(0xFF)};
+
 const std::vector<uint8_t> kModelIdBytes = {
     /*message_group=*/0x03,
     /*message_code=*/0x01,