From 821f018a98e8eaae61418d2baf015f9a3824e8c4 Mon Sep 17 00:00:00 2001
From: Bernhard Herzog <bernhard.herzog@intevation.de>
Date: Thu, 11 May 2023 13:54:42 +0200
Subject: [PATCH] Check that filename matches ID in csaf_uploader

---
 cmd/csaf_uploader/main.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cmd/csaf_uploader/main.go b/cmd/csaf_uploader/main.go
index 6ac5027..0b7fe56 100644
--- a/cmd/csaf_uploader/main.go
+++ b/cmd/csaf_uploader/main.go
@@ -243,6 +243,11 @@ func (p *processor) uploadRequest(filename string) (*http.Request, error) {
 			writeStrings("Errors:", errs)
 			return nil, errors.New("local schema check failed")
 		}
+
+		eval := util.NewPathEval()
+		if err := util.IDMatchesFilename(eval, doc, filepath.Base(filename)); err != nil {
+			return nil, err
+		}
 	}
 
 	body := new(bytes.Buffer)