Open code423n4 opened 3 years ago
either non-critical or no an issue. This issue relies on malicious governance that woulnt be behind a timelock. Would also not block out any ability to save assets from the vault.
The problem is presented from different view but is essentially the result of #17 so it's non-critical.
Handle
pauliax
Vulnerability details
Impact
function setStrategiesLength should check that the value is not above MAX_STRATS. Now admin can set any arbitrary value for strategiesLength. The number of iterations in loops relies on this value so if it becomes too high, a block gas limit may be exceeded. Thus it makes sense to explicitly enforce the limit with MAX_STRATS.
Recommended Mitigation Steps
require _strategiesLength <= MAX_STRATS