Pass a minimally sized buffer to BoringSSL's HMAC().

components/webcrypto/algorithms/hmac.cc

Index: components/webcrypto/algorithms/hmac.cc
diff --git a/components/webcrypto/algorithms/hmac.cc b/components/webcrypto/algorithms/hmac.cc
index b02d70c2a9ae1214af6b51e92fb0b916e78b5206..2b4f22ed67cc28a44cbecba7501cd4afd8768052 100644
--- a/components/webcrypto/algorithms/hmac.cc
+++ b/components/webcrypto/algorithms/hmac.cc
@@ -96,16 +96,20 @@ Status SignHmac(const std::vector<uint8_t>& raw_key,
   size_t hmac_expected_length = EVP_MD_size(digest_algorithm);
 
   buffer->resize(hmac_expected_length);
-  crypto::ScopedOpenSSLSafeSizeBuffer<EVP_MAX_MD_SIZE> hmac_result(
-      buffer->data(), hmac_expected_length);
 
   unsigned int hmac_actual_length;
   unsigned char* const success =
       HMAC(digest_algorithm, raw_key.data(), raw_key.size(), data.bytes(),
-           data.byte_length(), hmac_result.safe_buffer(), &hmac_actual_length);
-  if (!success || hmac_actual_length != hmac_expected_length)
+           data.byte_length(), buffer->data(), &hmac_actual_length);
+  if (!success)

[davidben, 2016/08/02 18:17:54]

Optional: You can also just write:

if (!HMAC(....)) {
  return Status::OperationError();
}

[eroman, 2016/08/02 18:28:21]

Done.

     return Status::OperationError();
 
+  if (hmac_actual_length != hmac_expected_length) {
+    // HMAC() promises to use at most EVP_MD_CTX_size(). If this was not the
+    // case then memory corruption may have just occurred.
+    CHECK(false);
+  }

[davidben, 2016/08/02 18:17:54]

CHECK_EQ(hmac_expected_length, hmac_actual_length);

[eroman, 2016/08/02 18:28:21]

Done.

+
   return Status::Success();
 }