SQLite: Defense Against the Dark Arts
SQLite should always detect erroneous inputs and raise an error, not crash or corrupt memory.
SQLite should never crash, overflow a buffer, leak memory, or exhibit any other harmful behavior, even when presented with maliciously malformed SQL inputs or database files. If you are writing an application that sends untrusted SQL inputs or database files to SQLite, there are additional steps you can take to help reduce the attack surface and prevent zero-day exploits caused by undetected bugs. To find out how much heap space an application actually needs, run it against typical inputs and then measure the maximum instantaneous memory usage with the sqlite3_memory_highwater() interface.