tinyldap trusts the binary data file on disk.
There are numerous ways to make tinyldap crash or loop endlessly if an
attacker can hex edit the data file.

Other than that, tinyldap does not trust anyone :-)

tinyldap can (and should) be run as non-root, via tcpserver, in a chroot
jail.

If you worry about memory consumption, set resource limits before
running tinyldap, e.g. with softlimit from daemontools or limit/ulimit
in your shell.