hats-finance / Convergence---Convex-integration-0xb3df23e155b74ad2b93777f58980d6727e8b40bb


initialize could revert for non-standard token like USDT #30

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: @mgf15

Twitter username: --

Submission hash (on-chain): 0x9aa94945c93dd9427223c761a6cb296107b26958eb16f0e7bc426d9c52be3886

Severity: low

Description: Some non-standard tokens like USDT will revert when a contract or a user tries to approve an allowance when the spender allowance has already been set to a non-zero value.

Attack Scenario

        /// @dev Allows to swap some Asset to cvxAsset on the stable pool
        asset.approve(address(_curvePool), type(uint256).max);

        /// @dev Allows to swap some Asset to cvxAsset on the asset depositor of Convex
        asset.approve(address(assetDepositor), type(uint256).max);

When the contract is deployed, the initialize function approves the address asset; if the asset was passed as a non-standard token like USDT, KNC, the transaction will revert.

Attachments

  1. Proof of Concept (PoC) File

  2. Revised Code File (Optional)

PlamenTSV commented 1 month ago

On initialization, the initial allowance will be 0, thus USDT works.
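The two cases discussed in this thread, as an added example that is not part of the thread or the project's code: a constructed token with the approve guard the report describes, approved once from a zero allowance inside `initialize` and then approved again while the allowance is non-zero. `GuardedToken`, `StakingLike`, `Demo`, their function names and the two addresses are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed mock, not the real USDT source: models only the guard the
// report describes (approve reverts when changing non-zero to non-zero).
contract GuardedToken {
    mapping(address => mapping(address => uint256)) public allowance;
    function approve(address spender, uint256 value) external returns (bool) {
        require(value == 0 || allowance[msg.sender][spender] == 0, "reset to 0 first");
        allowance[msg.sender][spender] = value;
        return true;
    }
}

// Hypothetical stand-in for a contract whose initialize() sets max approvals.
contract StakingLike {
    GuardedToken public asset;
    function initialize(GuardedToken _asset, address pool, address depositor) external {
        require(address(asset) == address(0), "already initialized");
        asset = _asset;
        asset.approve(pool, type(uint256).max);      // allowance was 0: guard passes
        asset.approve(depositor, type(uint256).max); // allowance was 0: guard passes
    }

    // Approving again while the allowance is still non-zero hits the guard.
    function reapprove(address spender) external {
        asset.approve(spender, type(uint256).max);
    }

    // Reset-then-set is accepted by guarded tokens.
    function resetAndApprove(address spender) external {
        asset.approve(spender, 0);
        asset.approve(spender, type(uint256).max);
    }
}

contract Demo {
    // Deploys both mocks and reports the outcome of each approval path.
    function run() external returns (bool initOk, bool reapproveReverted, bool resetOk) {
        GuardedToken token = new GuardedToken();
        StakingLike s = new StakingLike();
        address pool = address(0x1001); // constructed addresses
        address depositor = address(0x1002);
        s.initialize(token, pool, depositor);
        initOk = token.allowance(address(s), pool) == type(uint256).max;
        try s.reapprove(pool) {} catch { reapproveReverted = true; }
        s.resetAndApprove(pool);
        resetOk = token.allowance(address(s), pool) == type(uint256).max;
    }
}
```

The mock covers only the allowance guard; it does not model any other way a token may deviate from the ERC-20 interface.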