Merge branch 'develop' of https://github.com/stacks-network/stacks-core into chore/aac-early-return-error-consensus-tests

Author: jacinta-stacks

.vscode/launch.json

@@ -27,7 +27,7 @@
         "args": [
           "build",
           "--bin=clarity-cli",
-          "--package=stackslib"
+          "--package=clarity-cli"
         ],
         "filter": {
           "name": "clarity-cli",

Cargo.lock

@@ -480,10 +480,6 @@ pub enum CheckErrorKind {
     /// String contains invalid UTF-8 encoding.
     InvalidUTF8Encoding,
 
-    // secp256k1 signature
-    /// Invalid secp256k1 signature provided in an expression.
-    InvalidSecp65k1Signature,
-
     /// Attempt to write to contract state in a read-only function.
     WriteAttemptedInReadOnly,
     /// `at-block` closure must be read-only but contains write operations.
@@ -814,7 +810,6 @@ impl DiagnosableError for CheckErrorKind {
             CheckErrorKind::TraitTooManyMethods(found, allowed) => format!("too many trait methods specified: found {found}, the maximum is {allowed}"),
             CheckErrorKind::InvalidCharactersDetected => "invalid characters detected".into(),
             CheckErrorKind::InvalidUTF8Encoding => "invalid UTF8 encoding".into(),
-            CheckErrorKind::InvalidSecp65k1Signature => "invalid seckp256k1 signature".into(),
             CheckErrorKind::TypeAlreadyAnnotatedFailure | CheckErrorKind::CheckerImplementationFailure => {
                 "internal error - please file an issue on https://github.com/stacks-network/stacks-blockchain".into()
             },

clarity-types/src/errors/analysis.rs

@@ -585,3 +585,46 @@ fn test_utf8_data_len_returns_vm_internal_error() {
         err
     );
 }
+
+#[test]
+fn invalid_utf8_encoding_from_oob_unicode_escape() {
+    // This is a syntactically valid escape: \u{HEX}
+    // BUT 110000 > 10FFFF (max Unicode scalar)
+    // So oob Unicode → char::from_u32(None) → InvalidUTF8Encoding
+    let bad_utf8_literal = "\\u{110000}".to_string();
+
+    let err = Value::string_utf8_from_string_utf8_literal(bad_utf8_literal).unwrap_err();
+    assert!(matches!(
+        err,
+        VmExecutionError::Unchecked(CheckErrorKind::InvalidUTF8Encoding)
+    ));
+}
+
+#[test]
+fn invalid_string_ascii_from_bytes() {
+    // 0xFF is NOT:
+    // - ASCII alphanumeric
+    // - ASCII punctuation
+    // - ASCII whitespace
+    let bad_bytes = vec![0xFF];
+
+    let err = Value::string_ascii_from_bytes(bad_bytes).unwrap_err();
+
+    assert!(matches!(
+        err,
+        VmExecutionError::Unchecked(CheckErrorKind::InvalidCharactersDetected)
+    ));
+}
+
+#[test]
+fn invalid_utf8_string_from_bytes() {
+    // 0x80 is an invalid standalone UTF-8 continuation byte
+    let bad_bytes = vec![0x80];
+
+    let err = Value::string_utf8_from_bytes(bad_bytes).unwrap_err();
+
+    assert!(matches!(
+        err,
+        VmExecutionError::Unchecked(CheckErrorKind::InvalidCharactersDetected)
+    ));
+}

clarity-types/src/tests/types/mod.rs

@@ -1052,6 +1052,8 @@ impl Value {
                     .ok_or_else(|| VmInternalError::Expect("Expected capture".into()))?;
                 let scalar_value = window[matched.start()..matched.end()].to_string();
                 let unicode_char = {
+                    // This first InvalidUTF8Encoding is logically unreachable: the escape regex rejects non-hex digits,
+                    // so from_str_radix only sees valid hex and never errors here.
                     let u = u32::from_str_radix(&scalar_value, 16)
                         .map_err(|_| CheckErrorKind::InvalidUTF8Encoding)?;
                     let c = char::from_u32(u).ok_or_else(|| CheckErrorKind::InvalidUTF8Encoding)?;
@@ -1445,6 +1447,10 @@ impl PrincipalData {
         literal: &str,
     ) -> Result<StandardPrincipalData, VmExecutionError> {
         let (version, data) = c32::c32_address_decode(literal).map_err(|x| {
+            // This `TypeParseFailure` is unreachable in normal Clarity execution.
+            // - All principal literals are validated by the Clarity lexer *before* reaching `parse_standard_principal`.
+            // - The lexer rejects any literal containing characters outside the C32 alphabet.
+            // Therefore, only malformed input fed directly into low-level VM entry points can cause this branch to execute.
             RuntimeError::TypeParseFailure(format!("Invalid principal literal: {x}"))
         })?;
         if data.len() != 20 {
@@ -1638,10 +1644,7 @@ impl TupleData {
         })
     }
 
-    pub fn shallow_merge(
-        mut base: TupleData,
-        updates: TupleData,
-    ) -> Result<TupleData, VmExecutionError> {
+    pub fn shallow_merge(mut base: TupleData, updates: TupleData) -> TupleData {
         let TupleData {
             data_map,
             mut type_signature,
@@ -1650,7 +1653,7 @@ impl TupleData {
             base.data_map.insert(name, value);
         }
         base.type_signature.shallow_merge(&mut type_signature);
-        Ok(base)
+        base
     }
 }