Address outstanding comments from CL 10384140

remoting/host/me2me_preference_pane.mm

Index: remoting/host/me2me_preference_pane.mm
diff --git a/remoting/host/me2me_preference_pane.mm b/remoting/host/me2me_preference_pane.mm
index 79acf7c3b92006d796186e75b8d14cc1594855f3..5dd127e32aac080d7ef7ec6a13625112f524b2e0 100644
--- a/remoting/host/me2me_preference_pane.mm
+++ b/remoting/host/me2me_preference_pane.mm
@@ -83,6 +83,8 @@ bool IsPinValid(const std::string& pin, const std::string& host_id,
   int hash_base64_size = static_cast<int>(hash_base64.size());
   std::string hash;
   hash.resize(modp_b64_decode_len(hash_base64_size));
+
+  // modp_b64_decode_len() returns at least 1, so hash[0] is safe here.
   int hash_size = modp_b64_decode(&(hash[0]), hash_base64.data(),
                                   hash_base64_size);
   if (hash_size < 0) {
@@ -99,6 +101,9 @@ bool IsPinValid(const std::string& pin, const std::string& host_id,
          pin.data(), pin.size(),
          &(computed_hash[0]));
 
+  // Normally, a constant-time comparison function would be used, but it is
+  // unnecessary here as the "secret" is already readable by the user
+  // supplying input to this routine.
   return computed_hash == hash;
 }