Modernize c-file-monitor: Upgrade to C11, improve security, and add testing

Overview

Modernize the c-file-monitor sensor with modern C standards, improved security practices, better error handling, and comprehensive testing infrastructure.

Current State

The c-file-monitor is a foundational embedded C application that demonstrates several legacy patterns:

  • Uses unsafe C string functions (strcpy, sprintf)
  • Hardcoded configuration and credentials
  • Minimal error handling
  • No unit testing infrastructure
  • Basic Makefile without modern build tooling
  • Legacy POSIX APIs without abstraction

Problem to Solve

This modernization demonstrates how agentic AI can upgrade embedded C codebases to:

  1. Follow modern C11/C17 standards
  2. Implement secure coding practices (MISRA C, CWE prevention)
  3. Add comprehensive unit testing
  4. Improve code organization and maintainability
  5. Enhance observability and diagnostics

Proposal

1. Upgrade to C11 Standard

  • Update compiler flags in Makefile to -std=c11
  • Enable compiler warnings: -Wall -Wextra -Wpedantic -Wshadow
  • Use modern C11 features:
    • <stdint.h> for fixed-width integers
    • <stdbool.h> for boolean types
    • _Generic for polymorphism where applicable

2. Security Hardening

Replace unsafe functions with bounds-checked alternatives:

  • Replace strcpy()strncpy() with proper bounds
  • Replace sprintf()snprintf() with buffer size
  • Remove hardcoded credentials (move to environment variables)
  • Implement input validation for all user/config inputs
  • Add buffer overflow detection (canary values)
  • Use errno properly for error reporting
  • Implement secure file operations (check TOCTOU vulnerabilities)

Specific fixes needed:

  • Line 23: strcpy(global_log_buffer, argv[1]) → use snprintf() with bounds
  • Lines 32, 35, 37: Config struct strcpy calls → use strncpy() with size checks
  • Line 56: sprintf(status_msg, ...) → use snprintf()

3. Remove Credentials & Configuration

  • Remove hardcoded API_KEY and DEFAULT_USER
  • Implement environment variable reading with defaults
  • Add secure config file parsing with validation
  • Support multiple config formats (ini, json, yaml)

4. Improve Error Handling

  • Check all return values from system calls
  • Use standard error codes consistently
  • Add context-aware error messages
  • Implement retry logic for transient failures
  • Proper resource cleanup on errors (memory leaks in current implementation)

5. Code Organization & Modularity

  • Split into modules:
    • config.c/h - Configuration management
    • scanner.c/h - Directory scanning logic
    • metrics.c/h - Metric data structures
    • io.c/h - File I/O operations
    • logging.c/h - Security and diagnostic logging
  • Create reusable library interface
  • Implement encapsulation patterns

6. Testing Infrastructure

  • Add CMake build system (replace Makefile)
  • Integrate CMocka for unit testing
  • Add mock file system for testing
  • Create integration tests
  • Add code coverage tracking (LCOV)
  • CI/CD pipeline for testing

Test scenarios:

  • Config parsing with invalid inputs
  • Buffer overflow attempts
  • Symlink handling (security)
  • Permission denied scenarios
  • Large directory structures
  • Memory leak detection

7. Modern APIs & Abstractions

  • Replace raw time_t with abstraction layer
  • Improve directory scanning (handle large directories)
  • Add async file I/O option
  • Implement proper cleanup on signals (SIGTERM, SIGINT)
  • Add structured logging (JSON output for logs)

8. Documentation & Diagnostics

  • Add Doxygen comments to all functions
  • Create architecture documentation
  • Add debug logging facility
  • Document security decisions
  • Before/after comparison guide

Success Criteria

  • All unsafe functions replaced with bounds-checked alternatives
  • Zero hardcoded credentials
  • Unit test coverage >80%
  • All compiler warnings eliminated
  • Passes static analysis (clang-tidy)
  • MISRA C compliance for selected rules
  • CI/CD pipeline validates security
  • Documentation with examples
  • Performance benchmarks (should not degrade)

Technical Specifications

Build Environment:

  • C Standard: C11 minimum
  • Compiler: GCC 9+ or Clang 10+
  • Build System: CMake 3.15+
  • Testing: CMocka 1.1+
  • Static Analysis: clang-tidy 14+

Dependencies:

  • Existing: POSIX APIs (dirent.h, stat, etc.)
  • New: CMocka (testing), JSON-C (config parsing optional)

Implementation Order

  1. Phase 1: Security fixes (buffer overflows, credentials)
  2. Phase 2: Code reorganization into modules
  3. Phase 3: CMake build system & testing infrastructure
  4. Phase 4: Comprehensive test suite
  5. Phase 5: Documentation and examples

Related Issues

  • #16 Java modernization (similar pattern for different language)

Labels