guard oversized blob length in callbackRetBlob

[dxbjavid]

callbackRetBlob forwards a custom function's []byte return through C.int(len(bs)) to sqlite3_result_blob, but the sqlite3 C API takes the byte count as a signed int. On 64-bit a return value over 2 GiB narrows to a negative length, and since the docs say a negative length is only defined for text, sqlite3VdbeMemSetStr runs the blob terminator scan off the end of the Go buffer, which has no NUL terminator (OOB read). I noticed it while reading the result paths after the earlier bind/result length fixes. Same guard as ResultBlob/ResultText: reject with sqlite3_result_error_toobig when it would not fit.

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

❌ Patch coverage is 0% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 51.45%. Comparing base (18cdded) to head (5f1e21d).
⚠️ Report is 93 commits behind head on master.

Files with missing lines	Patch %	Lines
callback.go	0.00%	3 Missing ⚠️
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1405      +/-   ##
==========================================
+ Coverage   47.16%   51.45%   +4.28%     
==========================================
  Files          12       13       +1     
  Lines        1533     1862     +329     
==========================================
+ Hits          723      958     +235     
- Misses        669      745      +76     
- Partials      141      159      +18     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[mattn]

Thank you

[dxbjavid]

Thanks for the review and merge. Looking forward to contributing more.