[PATCH] Fix potential bugs of wpa_ctrl_request

[Johannes Berg]

On Fri, 2021-07-23 at 17:41 +0800, xinpeng wang wrote:
> wpa_ctrl_request will block for up to 10 seconds while waiting for the reply,
> but when this function call select is interrupted, re-assign the timeout parameter to 10s,
> which will cause the time to exceed 10s;
> 


> +	tv.tv_sec = 10;
> +	tv.tv_usec = 0;
>  	for (;;) {
> -		tv.tv_sec = 10;
> -		tv.tv_usec = 0;
>  		FD_ZERO(&rfds);
>  		FD_SET(ctrl->s, &rfds);
>  		res = select(ctrl->s + 1, &rfds, NULL, NULL, &tv);

This is incorrect, there's no guarantee that select() updates the
timeout value to the remaining time. It *may* do that, but it's not
guaranteed, and in fact e.g. the NetBSD man page states that it does
*not* do that.

OTOH, I guess if it doesn't change it then the patch will not actually
change the behaviour, but the code will be harder to comprehend IMHO.

I don't actually know if there's any API that is guaranteed to update
the remaining time? Perhaps since we're talking about really long times
here, we could just calculate the remaining time out-of-band with
gettimeofday() or something.

johannes