shared/rm-rf: loop over nested directories instead of instead of recursing

To remove directory structures, we need to remove the innermost items first,
and then recursively remove higher-level directories. We would recursively
descend into directories and invoke rm_rf_children and rm_rm_children_inner.
This is problematic when too many directories are nested.

Instead, let's create a "TODO" queue. In the the queue, for each level we
hold the DIR* object we were working on, and the name of the directory. This
allows us to leave a partially-processed directory, and restart the removal
loop one level down. When done with the inner directory, we use the name to
unlinkat() it from the parent, and proceed with the removal of other items.

Because the nesting is increased by one level, it is best to view this patch
with -b/--ignore-space-change.

This fixes CVE-2021-3997, https://bugzilla.redhat.com/show_bug.cgi?id=2024639.
The issue was reported and patches reviewed by Qualys Team.
Mauro Matteo Cascella and Riccardo Schirone from Red Hat handled the disclosure.

(cherry picked from commit 5b1cf7a9be37e20133c0208005274ce4a5b5c6a1)
(cherry picked from commit 911516e1614e435755814ada5fc6064fa107a105)
(cherry picked from commit 6a28f8b55904c818b25e4db2e1511faac79fd471)
(cherry picked from commit c752f27b7647c99b4a17477c99d84fd8c950ddf0)
1 file changed
tree: 0387bec65b8e6e21bdd18e5e9133e40f4f90048a
  1. .clang-format
  2. .ctags
  3. .dir-locals.el
  4. .editorconfig
  5. .gitattributes
  6. .github/
  7. .gitignore
  8. .lgtm.yml
  9. .lgtm/cpp-queries/
  10. .mailmap
  11. .mkosi/
  12. .travis.yml
  13. .vimrc
  14. .ycm_extra_conf.py
  15. LICENSE.GPL2
  16. LICENSE.LGPL2.1
  17. Makefile
  18. NEWS
  19. README
  20. README.md
  21. TODO
  22. azure-pipelines.yml
  23. catalog/
  24. coccinelle/
  25. configure
  26. docs/
  27. factory/etc/
  28. hwdb.d/
  29. man/
  30. meson.build
  31. meson_options.txt
  32. mkosi.build
  33. modprobe.d/
  34. network/
  35. po/
  36. presets/
  37. rules.d/
  38. semaphoreci/
  39. shell-completion/
  40. src/
  41. sysctl.d/
  42. sysusers.d/
  43. test/
  44. tmpfiles.d/
  45. tools/
  46. travis-ci/
  47. units/
  48. xorg/
  49. zanata.xml
README.md

Systemd

System and Service Manager

Semaphore CI Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
Travis CI Build Status
Language Grade: C/C++
CentOS CI - CentOS 7
CentOS CI - Arch
CentOS CI - Arch (sanitizers)
Build Status
Fossies codespell report Packaging status

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.