Dear all, We recently discovered a memory leak in the ic_cdk::call* implementation in @dfinity/cdk-rs . Canisters built in Rust with ic_cdk and ic_cdk_timers are affected. If these canisters call a canister method, use timers or heartbeat, they will likely leak a small amount of memory on every such …

Security Bug - Memory leak when calling a canister method via `ic_cdk::call`

peterparker September 7, 2024, 3:08pm 3

Sharing for visibility: According to this post, the security advisory on crates might contain a typo regarding the safest latest version, listing v16.0.0 instead of v0.16.0

Topic		Replies	Views
RUSTSEC 2024-0372 ic-cdk not accepting 0.16.0 Developers	1	37	September 7, 2024
Rust CDK v0.5.1 is out Developers	10	912	May 27, 2022
Issues with ic_cdk::spawn and Inter-Canister Calls Rust	3	87	September 25, 2024
Community Conversations \| Security Best Practices Developers security	6	1355	January 11, 2025
The InfinitySwap IC CDK Developers CDK , sdk	2	1524	June 23, 2022

Security Bug - Memory leak when calling a canister method via `ic_cdk::call`

Related topics