Skip to content

[duplicate-code] Duplicate Code Pattern: DIFC Agent Tag Add/Drop OperationsΒ #1720

New issue
New issue
Open
Open
[duplicate-code] Duplicate Code Pattern: DIFC Agent Tag Add/Drop Operations#1720
Labels
automated-analysiscode-quality
@github-actions

Description

@github-actions
github-actions
bot
opened on Mar 10, 2026

πŸ” Duplicate Code Pattern: DIFC Agent Tag Operations

Part of duplicate code analysis: #1719

Summary

Three nearly identical methods in internal/difc/agent.go implement the same lock/log/mutate pattern with only the label field and action verb changing. This is security-critical code in the DIFC subsystem where a divergence between these copies (e.g., forgetting to unlock or using the wrong label) could cause data integrity issues.

Duplication Details

Pattern: Lock + Log + Mutate Tag

  • Severity: High

  • Occurrences: 3 instances

  • Locations:

    • internal/difc/agent.go (lines ~42–49) β€” AddSecrecyTag
    • internal/difc/agent.go (lines ~51–58) β€” AddIntegrityTag
    • internal/difc/agent.go (lines ~60–67) β€” DropIntegrityTag

  • Code Sample:

// Instance 1
func (a *AgentLabels) AddSecrecyTag(tag Tag) {
    logAgent.Printf("Agent %s adding secrecy tag: %s", a.AgentID, tag)
    a.mu.Lock()
    defer a.mu.Unlock()
    a.Secrecy.Label.Add(tag)
    log.Printf("[DIFC] Agent %s gained secrecy tag: %s", a.AgentID, tag)
}

// Instance 2 (identical structure, different label)
func (a *AgentLabels) AddIntegrityTag(tag Tag) {
    logAgent.Printf("Agent %s adding integrity tag: %s", a.AgentID, tag)
    a.mu.Lock()
    defer a.mu.Unlock()
    a.Integrity.Label.Add(tag)
    log.Printf("[DIFC] Agent %s gained integrity tag: %s", a.AgentID, tag)
}

// Instance 3 (identical structure, Remove instead of Add)
func (a *AgentLabels) DropIntegrityTag(tag Tag) {
    logAgent.Printf("Agent %s dropping integrity tag: %s", a.AgentID, tag)
    a.mu.Lock()
    defer a.mu.Unlock()
    a.Integrity.Label.Remove(tag)
    log.Printf("[DIFC] Agent %s dropped integrity tag: %s", a.AgentID, tag)
}

Impact Analysis

  • Maintainability: Any change to the locking or logging pattern must be applied to all 3 functions manually β€” prone to drift
  • Bug Risk: If a fourth tag operation is added, the pattern may not be followed exactly
  • Code Bloat: 24 lines could be reduced to ~10 lines with a helper

Refactoring Recommendations

  1. Extract a private modifyTag helper 
    func (a *AgentLabels) modifyTag(label *Label, tag Tag, action string) {
    logAgent.Printf("Agent %s %s tag: %s", a.AgentID, action, tag)
    a.mu.Lock()
    defer a.mu.Unlock()
    if action == "dropping" {
        label.Remove(tag)
        log.Printf("[DIFC] Agent %s dropped tag: %s", a.AgentID, tag)
    } else {
        label.Add(tag)
        log.Printf("[DIFC] Agent %s gained tag: %s", a.AgentID, tag)
    }
}
    Or use a function value for the mutation operation.
    • Estimated effort: 30 minutes
    • Benefits: Single place to adjust locking strategy, logging format, or add metrics

Implementation Checklist

  • Review duplication findings in internal/difc/agent.go
  • Design modifyTag or similar private helper
  • Refactor the 3 public methods to delegate to helper
  • Verify unit tests still pass (make test-unit)
  • Verify no DIFC behavior changes

Parent Issue

See parent analysis report: #1719
Related to #1719

Generated by Duplicate Code Detector Β· β—·

  • expires on Mar 17, 2026, 2:56 AM UTC

Metadata

Metadata

Assignees

No one assigned

    Labels

    automated-analysiscode-quality

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions