[rust-launcher] Add manifest traversal depth limit #2613
Description
Context
Follow-up from PR #2326 (port node launcher to Rust). Tracked in #2598.
Problem
get_manifest_digest() in crates/tee-launcher/src/main.rs (line 302) processes tags from a VecDeque. Multi-platform manifests add child digests back to the deque. In theory, this loop is unbounded if manifests keep referencing other manifests.
Action
Add a MAX_MANIFEST_DEPTH constant (e.g., 10) and track traversal depth. Return an error if exceeded.
Low priority -- unlikely with real Docker registries.