Skip to content

Invalid access tokens crash ODBC driver - need defensive validation #278

New issue
New issue
Open
Bug
#279
Open
Invalid access tokens crash ODBC driver - need defensive validation#278
Bug
#279
Assignees
bewithgaurav
Labels
bugSomething isn't workingtriage doneIssues that are triaged by dev team and are in investigation.
@bewithgaurav

Description

@bewithgaurav
bewithgaurav
opened on Oct 6, 2025

Describe the bug

The ODBC driver crashes with segmentation fault (macOS) or access violation (Windows) when SQL_COPT_SS_ACCESS_TOKEN (attribute 1256) is set with invalid token data via attrs_before parameter. The driver does not handle these cases gracefully, causing the Python process to crash.

This is replicable in pyodbc as well, indicating it's an underlying ODBC driver bug that we need to defend against.

Exception details:

macOS:

2025-10-06 16:00:07,377 - DEBUG - connection.py - [DDBC Bindings log] Connection string buffer created
zsh: segmentation fault  python main.py

Windows:

Windows fatal exception: access violation

Current thread 0x000029c8 (most recent call first):
  File "mssql_python\connection.py", line 203 in __init__
  File "mssql_python\db_connection.py", line 36 in connect
  File "main.py", line 22 in <module>

Stack trace shows crash originates in SQLDriverConnectW inside libmsodbcsql.18.dylib:

Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   libsystem_platform.dylib      	0x1819e5320 _platform_memmove + 96
1   libmsodbcsql.18.dylib         	0x101220000 0x101168000 + 753664
...
11  libmsodbcsql.18.dylib         	0x1011c89ac SQLDriverConnectW + 2620
12  ddbc_bindings.cp313-universal2.so	0x10148c834 Connection::connect(pybind11::dict const&) + 528

To reproduce

Crash scenarios (connection string has no UID/PWD):

from mssql_python import connect

conn_str = "Driver={ODBC Driver 18 for SQL Server};Server=tcp:server.database.windows.net,1433;Database=testdb;"

# macOS: Crashes with tokens < 32 bytes
# Windows: Crashes with tokens >= 16 bytes
attrs_before = {1256: b"a" * 16} 
conn = connect(conn_str, attrs_before=attrs_before)

# macOS: 32 byte token works, but further larger tokens crash
# Windows: Any token >= 16 bytes crash
attrs_before = {1256: b"x" * 64}  # 64 bytes of invalid data - crashes on macOS
conn = connect(conn_str, attrs_before=attrs_before)

Platform-specific crash thresholds:

  • Windows: Crashes with binary tokens with length > 15
  • macOS: Crashes with binary tokens where length < 32, and also with longer malformed tokens (e.g., 64 bytes)

Expected behavior

The library should validate access token format and provide a clear error message before passing invalid data to the ODBC driver:

# Should raise a clear exception like:
# ValueError: Invalid access token format. Expected properly formatted OAuth 2.0 token.
# or
# TypeError: Access token must be bytes, not str

Rather than crashing the Python interpreter with segfault/access violation.

Further technical details

Python version: 3.13
ODBC Driver: Microsoft ODBC Driver 18 for SQL Server
Operating systems:

  • macOS (segmentation fault)
  • Windows (access violation)

Additional context

  • This issue is also reproducible in pyodbc for some scenarios, confirming it's an ODBC driver bug
  • ODBC documentation states tokens should be formatted with zero-byte padding (UCS-2 style), but doesn't specify minimum length
  • The library should implement defensive validation to prevent these crashes and provide helpful error messages

Metadata

Metadata

Assignees

Labels

bugSomething isn't workingtriage doneIssues that are triaged by dev team and are in investigation.

Type

Bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions