fix(bolt12): Add UTF-8 validation for offer currency field

Validate that offer_currency contains valid UTF-8 bytes as required by
BOLT12 specification. ISO 4217 currency codes must be valid 3-letter
ASCII strings, which are a subset of UTF-8.

Author: erickcestari

lightning/src/offers/offer.rs

@@ -1216,6 +1216,11 @@ impl TryFrom<FullOfferTlvStream> for OfferContents {
 			return Err(Bolt12SemanticError::MissingDescription);
 		}
 
+		if let Some(currency_bytes) = currency {
+			std::str::from_utf8(&currency_bytes)
+				.map_err(|_| Bolt12SemanticError::InvalidCurrencyCode)?;
+		}
+
 		let features = features.unwrap_or_else(OfferFeatures::empty);
 
 		let absolute_expiry =
@@ -2199,9 +2204,10 @@ mod bolt12_tests {
 
 		// Malformed: invalid currency UTF-8
 		assert_eq!(
-			"lno1qcpgqsg2q4q5cj2rg5tzzqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqg"
-				.parse::<Offer>(),
-			Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
+			"lno1qcp5624ypqpzwyq2p32x2um5ypmx2cm5dae8x93pqthvwfzadd7jejes8q9lhc4rvjxd022zv5l44g6qah82ru5rdpnpj".parse::<Offer>(),
+			Err(Bolt12ParseError::InvalidSemantics(
+				Bolt12SemanticError::InvalidCurrencyCode
+			)),
 		);
 
 		// Malformed: truncated description UTF-8

lightning/src/offers/parse.rs

@@ -149,6 +149,8 @@ pub enum Bolt12SemanticError {
 	MissingAmount,
 	/// The amount exceeded the total bitcoin supply or didn't match an expected amount.
 	InvalidAmount,
+	/// The currency code was not valid UTF-8.
+	InvalidCurrencyCode,
 	/// An amount was provided but was not sufficient in value.
 	InsufficientAmount,
 	/// An amount was provided but was not expected.