Function validate_sqlite_path 

pub fn validate_sqlite_path(path: &str) -> Result<PathBuf>

Validate a SQLite file path to prevent path traversal attacks

Security checks:

• Canonicalizes path to resolve symlinks and relative paths
• Verifies file exists and is a regular file (not directory)
• Checks file extension is .db, .sqlite, or .sqlite3
• Does NOT follow symlinks outside allowed directories

Arguments

• path - Path to SQLite file (can be relative or absolute)

Returns

Canonicalized absolute path if valid, error otherwise

Security

CRITICAL: This function prevents path traversal attacks like:

• ../../../etc/passwd
• /etc/shadow
• Symlink attacks

Examples

// Valid paths (when files exist)
assert!(validate_sqlite_path("database.db").is_ok());
assert!(validate_sqlite_path("/tmp/test.sqlite").is_ok());

// Invalid paths
assert!(validate_sqlite_path("../../../etc/passwd").is_err());
assert!(validate_sqlite_path("/nonexistent.db").is_err());