code-423n4 / 2021-06-gro-findings


strategiesLength should not be allowed to exceed MAX_STRATS #110

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

pauliax

Vulnerability details

Impact

Function setStrategiesLength should check that the value is not above MAX_STRATS. Now the admin can set any arbitrary value for strategiesLength. The number of iterations in loops relies on this value, so if it becomes too high, the block gas limit may be exceeded. Thus it makes sense to explicitly enforce the limit with MAX_STRATS.

Recommended Mitigation Steps

require(_strategiesLength <= MAX_STRATS);
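The following sketch is an added example, not part of the original report and not the Gro Protocol source. It shows the unchecked setter beside the bounded form the finding recommends, together with a loop whose cost depends on strategiesLength. The contract name, the owner check, the strategyAssets array, the MAX_STRATS value and the function names other than setStrategiesLength are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative sketch only: not the Gro Protocol source. The contract name,
// the owner check, strategyAssets and the MAX_STRATS value are assumptions.
contract StrategyRegistrySketch {
    uint256 public constant MAX_STRATS = 5; // constructed value
    address public immutable owner;
    uint256 public strategiesLength;
    uint256[MAX_STRATS] public strategyAssets; // hypothetical per-strategy accounting

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    // Before: any value is accepted, so every loop bounded by
    // strategiesLength inherits an unbounded iteration count.
    function setStrategiesLengthUnchecked(uint256 _strategiesLength) external onlyOwner {
        strategiesLength = _strategiesLength;
    }

    // After: the bound recommended in the finding is enforced at the setter.
    function setStrategiesLength(uint256 _strategiesLength) external onlyOwner {
        require(_strategiesLength <= MAX_STRATS, "strategiesLength > MAX_STRATS");
        strategiesLength = _strategiesLength;
    }

    // Loop whose cost scales with strategiesLength. After the unchecked setter
    // stores a large value, this call indexes past the fixed-size array and
    // reverts; over a dynamic structure it would instead run out of gas.
    function totalStrategyAssets() external view returns (uint256 total) {
        for (uint256 i = 0; i < strategiesLength; i++) {
            total += strategyAssets[i];
        }
    }
}
```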

kitty-the-kat commented 2 years ago

Either non-critical or not an issue. This issue relies on malicious governance that wouldn't be behind a timelock. Would also not block out any ability to save assets from the vault.

ghoul-sol commented 2 years ago

The problem is presented from a different view but is essentially the result of #17, so it's non-critical.