Borrow fixes

[Havoc19]

1. Borrowed Token Length Tracking

#### Mechanism
1. Before borrowing, we capture the initial length of borrowed tokens:
   ```solidity
   uint256 borrowedLengthBefore = (
     assetHandler.getBorrowedTokens(_vault, _controller)
   ).length;

2. After borrowing, we capture the new length:

   uint256 borrowedLengthAfter = (
    assetHandler.getBorrowedTokens(_vault, _controller)
   ).length;

3. We increment tokensBorrowed only if a new token type was borrowed:

   if (borrowedLengthAfter > borrowedLengthBefore) {
    tokensBorrowed++;
   }

Why This Approach?

• Accurately tracks the number of unique token types borrowed
• Ensures compliance with the protocol's MAX_BORROW_TOKEN_LIMIT

Example Scenario

• Initial state: Vault has borrowed 2 token types
• New borrow of an existing token type: tokensBorrowed remains 2
• New borrow of a completely new token type: tokensBorrowed increments to 3

Safeguards

• Protects against potential DOS or complexity attacks

2. Flash Loan Safety Mechanism

#### Mechanism
1. Flag Initialization:
   ```solidity
   bool _isFlashLoanActive;

• Initially set to false
• Indicates no active flash loan

2. Before Flash Loan Initiation:

   // Set flash loan flag to true to allow callback execution
   _isFlashLoanActive = true;

   • Enables callback processing
   • Signals the start of a flash loan operation

3. Callback Verification:

   function algebraFlashCallback(...) external override {
      // Prevent unauthorized callbacks
      if(!_isFlashLoanActive) revert ErrorLibrary.FlashLoanIsInactive();
   
      // Proceed with callback logic
      // ...
   }

Security Considerations

• Blocks unexpected or duplicate callback attempts
• Provides a clear state management for flash loan lifecycle

Potential Attack Vectors Mitigated

• Prevents multiple simultaneous flash loan callbacks
• Stops unauthorized contract interactions