Describe the bug

The ODBC driver crashes with segmentation fault (macOS) or access violation (Windows) when SQL_COPT_SS_ACCESS_TOKEN (attribute 1256) is set with invalid token data via attrs_before parameter. The driver does not handle these cases gracefully, causing the Python process to crash.

This is replicable in pyodbc as well, indicating it's an underlying ODBC driver bug that we need to defend against.

Exception details:

macOS:

2025-10-06 16:00:07,377 - DEBUG - connection.py - [DDBC Bindings log] Connection string buffer created zsh: segmentation fault python main.py 

Windows:

Windows fatal exception: access violation Current thread 0x000029c8 (most recent call first): File "mssql_python\connection.py", line 203 in __init__ File "mssql_python\db_connection.py", line 36 in connect File "main.py", line 22 in <module> 

Stack trace shows crash originates in SQLDriverConnectW inside libmsodbcsql.18.dylib:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 libsystem_platform.dylib	0x1819e5320 _platform_memmove + 96 1 libmsodbcsql.18.dylib	0x101220000 0x101168000 + 753664 ... 11 libmsodbcsql.18.dylib	0x1011c89ac SQLDriverConnectW + 2620 12 ddbc_bindings.cp313-universal2.so	0x10148c834 Connection::connect(pybind11::dict const&) + 528 

To reproduce

Crash scenarios (connection string has no UID/PWD):

from mssql_python import connect conn_str = "Driver={ODBC Driver 18 for SQL Server};Server=tcp:server.database.windows.net,1433;Database=testdb;" # macOS: Crashes with tokens < 32 bytes # Windows: Crashes with tokens >= 16 bytes attrs_before = {1256: b"a" * 16} conn = connect(conn_str, attrs_before=attrs_before) # macOS: 32 byte token works, but further larger tokens crash # Windows: Any token >= 16 bytes crash attrs_before = {1256: b"x" * 64} # 64 bytes of invalid data - crashes on macOS conn = connect(conn_str, attrs_before=attrs_before)

Platform-specific crash thresholds:

• Windows: Crashes with binary tokens with length > 15
• macOS: Crashes with binary tokens where length < 32, and also with longer malformed tokens (e.g., 64 bytes)

Expected behavior

The library should validate access token format and provide a clear error message before passing invalid data to the ODBC driver:

# Should raise a clear exception like: # ValueError: Invalid access token format. Expected properly formatted OAuth 2.0 token. # or # TypeError: Access token must be bytes, not str

Rather than crashing the Python interpreter with segfault/access violation.

Further technical details

Python version: 3.13
ODBC Driver: Microsoft ODBC Driver 18 for SQL Server
Operating systems:

• macOS (segmentation fault)
• Windows (access violation)

Additional context

• This issue is also reproducible in pyodbc for some scenarios, confirming it's an ODBC driver bug
• ODBC documentation states tokens should be formatted with zero-byte padding (UCS-2 style), but doesn't specify minimum length
• The library should implement defensive validation to prevent these crashes and provide helpful error messages