How should we proceed here? The patch submitted for this just hard codes the value of PASSLIB_MAX_PASSWORD_SIZE to 4096. Is that the correct thing to do or should we allow it to be configured?
If it can be configured do we need to have boundaries we can validate against (like a lower bounds of 1024 and and upper bounds of 16384)?
How should we proceed here? The patch submitted for this just hard codes the value of PASSLIB_ MAX_PASSWORD_ SIZE to 4096. Is that the correct thing to do or should we allow it to be configured?
If it can be configured do we need to have boundaries we can validate against (like a lower bounds of 1024 and and upper bounds of 16384)?