Owner can steal or DoS all withdrawals by setting high `feeBPS`

[code423n4]

Lines of code

https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L260-L262

Vulnerability details

Impact

The owner is able to set the feeBPS as high as they like since no validation is performed in the setter. This can have two effects:

• By setting the feeBPS variable to 10000, the owner will effectively steal 100% percent of the withdraw value.
• By setting the feeBPS variable to 10001, the owner will DOS the withdrawal because the _withdraw() function will attempt to transfer more token to the feeTo than available for the withdrawal.

Tools Used

Manual review

Recommended Mitigation Steps

Apply some validation so that the fee can only be set within a specific range.

[bghughes]

Duplicate of #125 #411

[HickupHH3]

Duplicate of #21