Resolve L-06: Revoke spend allowance from previous router

src/BrrETH.sol

@@ -286,10 +286,16 @@ contract BrrETH is Ownable, ERC4626 {
     function setRouter(address _router) external onlyOwner {
         if (_router == address(0)) revert InvalidRouter();
 
+        ICometRewards.RewardConfig memory rewardConfig = cometRewards
+            .rewardConfig(_COMET);
+
+        // Revoke the spend allowance from the soon-to-be changed router.
+        rewardConfig.token.safeApproveWithRetry(address(router), 0);
+
         router = IRouter(_router);
 
         // Enable the new router to swap reward tokens into more WETH.
-        approveTokens();
+        rewardConfig.token.safeApproveWithRetry(_router, type(uint256).max);
 
         emit SetRouter(_router);
     }

test/BrrETH.t.sol

@@ -657,8 +657,12 @@ contract BrrETHTest is Helper {
         ERC20 rewardToken = ERC20(rewardConfig.token);
         address router = address(0xbeef);
 
-        assertTrue(router != address(vault.router()));
+        assertTrue(router != _ROUTER);
         assertEq(0, rewardToken.allowance(address(vault), router));
+        assertEq(
+            type(uint256).max,
+            rewardToken.allowance(address(vault), _ROUTER)
+        );
 
         vm.expectEmit(true, true, true, true, address(vault));
 
@@ -671,10 +675,11 @@ contract BrrETHTest is Helper {
             type(uint256).max,
             rewardToken.allowance(address(vault), router)
         );
+        assertEq(0, rewardToken.allowance(address(vault), _ROUTER));
     }
 
     function testSetRouterFuzz(address router) external {
-        vm.assume(router != address(0));
+        vm.assume(router != address(0) && router != _ROUTER);
 
         ICometRewards.RewardConfig memory rewardConfig = _COMET_REWARDS
             .rewardConfig(_COMET);