For trusted feeds, PriceOracleV3._getPriceSafe uses main price feed even when reserve one is activated

[lekhovitsky]

core-v3/contracts/core/PriceOracleV3.sol

Lines 127 to 136 in e16559a

	function _getPriceSafe(address token) internal view returns (uint256 price, uint256 scale) {
	(address priceFeed, uint32 stalenessPeriod, bool skipCheck, uint8 decimals,, bool trusted) =
	_getPriceFeedParams(token);
	(price, scale) = _getPrice(priceFeed, stalenessPeriod, skipCheck, decimals); // U:[PO-11]
	if (!trusted) {
	if (_priceFeedsParams[_getTokenReserveKey(token)].priceFeed == address(0)) return (0, scale); // U:[PO-11]
	(uint256 reservePrice,) = _getPriceRaw(token, true);
	price = Math.min(price, reservePrice); // U:[PO-11]
	}

If the main feed starts reporting inflated prices and controller activates the reserve one, a user would be able fall back to the main one by adding a dummy withdrawal in a multicall.

A proper behaviour would be to return the active feed price for trusted feeds, and min of both feeds for untrusted feeds.

Also, when the feed is not trusted and reserve feed is not set, there is no need to spend gas for the main feed price computation because the result would be zero anyways.