Since the path and the length of a circuit can be chosen by a modified client an attacker could make it arbitrarily long and thus multiply the the impact of his traffic on the network by the amount of hops.
Is there any limitation besides possible packet size limitations and timeouts? And what would the practical limit be?
I assume there must be some counter measure. Otherwise someone would have already done this.
The type of attack you are describing is a congestion attack. In theory, the simplest form of such an attack would be a general DoS on the Tor network.
Taking things one step further, a congestion attack could be used in conjunction with traffic correlation to monitor a given user of the Tor network. Such a strategy is discussed in A Practical Congestion Attack on Tor Using Long Paths (section 2.2.3).
To mitigate such attacks, as of Tor version 0.2.1.3-alpha, the maximum number of hops is restricted to 8, regardless of what is set in the client code. This is done by restricting the number of "relay early" cells that a client can send when creating a circuit.
[A Practical Congestion Attack on Tor Using Long Paths, Section 5: Proposed Solutions]
In the modified design, Tor routers now must keep track of how often each circuit has been extended and refuse to route messages that would extend the circuit beyond a given threshold t. This can be done by tagging messages that may extend the circuit with a special flag that is not part of the encrypted stream. The easiest way to do this is to introduce a new Tor cell type that is used to flag cells that may extend the circuit. Routers then count the number of messages with the special flag and refuse to route more than a given small number (at the moment, eight) of those messages. Routers that receive a circuit-extension request check that the circuit-extension message is contained in a cell of the appropriate type.
User can not make the path length longer unless Tor is re-compiled from source. If you indeed managed to make longer path, it will dampen your bandwidth and increase network load.
Have a look at the post Is it possible to make the Tor onion-routing path longer?
