Fix heap use after free.

Asan shows the memory op used was freed by mOperationMap.removeOperation(token), so change the order of mAuthTokenTable.MarkCompleted(op.handle) and mOperationMap.removeOperation(token).

Bug: 74572753
Test: runtest --path
cts/tests/tests/keystore/src/android/keystore/cts/KeyStoreTest.java

Change-Id: I9f5452fc639a1f694c37759ee860f73f57d0fdcf
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index aab3db1..721b857 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1436,8 +1436,9 @@
         op.device->finish(op.handle, inParams,
                           ::std::vector<uint8_t>() /* TODO(swillden): wire up input to finish() */,
                           signature, authToken, VerificationToken(), hidlCb));
-    mOperationMap.removeOperation(token);
+    // removeOperation() will free the memory 'op' used, so the order is important
     mAuthTokenTable.MarkCompleted(op.handle);
+    mOperationMap.removeOperation(token);
 
     // just a reminder: on success result->resultCode was set in the callback. So we only overwrite
     // it if there was a communication error indicated by the ErrorCode.