Missing checks of canSafeBoostVault in onSafeSlurp function in TurboMaster.sol#L279.
The current vault deposit could already be at BoostCap. Calling slurp on this vault would add interest on the getTotalFeiBoostedForVault[V] which will now becomes > BoostCap
Proof of Concept
Observe that onSafeSlurp function in TurboMaster.sol#L279 is missing any call to canSafeBoostVault to see if current value+interest > cap
Recommended Mitigation Steps
Make a call to canSafeBoostVault in onSafeSlurp function and if boosting cap is bypassed then call onSafeLess with the excess amount
Lines of code
https://github.com/code-423n4/2022-02-tribe-turbo/blob/main/src/TurboMaster.sol#L279
Vulnerability details
Impact
Missing checks of canSafeBoostVault in onSafeSlurp function in TurboMaster.sol#L279. The current vault deposit could already be at BoostCap. Calling slurp on this vault would add interest on the getTotalFeiBoostedForVault[V] which will now becomes > BoostCap
Proof of Concept
Recommended Mitigation Steps
Make a call to canSafeBoostVault in onSafeSlurp function and if boosting cap is bypassed then call onSafeLess with the excess amount