From 8a8da6bf77ea4642356b4201eacded12b3b72e7b Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Thu, 29 Sep 2022 15:28:20 +0100
Subject: [PATCH] Check user ID matches

---
 keyserver/internal/device_list_update.go | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/keyserver/internal/device_list_update.go b/keyserver/internal/device_list_update.go
index acc3e0819..60c52b361 100644
--- a/keyserver/internal/device_list_update.go
+++ b/keyserver/internal/device_list_update.go
@@ -468,10 +468,14 @@ func (u *DeviceListUpdater) processServerUser(ctx context.Context, serverName go
 			}
 		default:
 			// Something else failed
-			logger.WithError(err).WithField("user_id", userID).Debugf("GetUserDevices returned unknown error type: %T", err)
+			logger.WithError(err).Debugf("GetUserDevices returned unknown error type: %T", err)
 			return time.Minute * 10, err
 		}
 	}
+	if res.UserID != userID {
+		logger.WithError(err).Warnf("User ID %q in device list update response doesn't match expected %q", res.UserID, userID)
+		return defaultWaitTime, nil
+	}
 	if res.MasterKey != nil || res.SelfSigningKey != nil {
 		uploadReq := &api.PerformUploadDeviceKeysRequest{
 			UserID: userID,
@@ -491,7 +495,7 @@ func (u *DeviceListUpdater) processServerUser(ctx context.Context, serverName go
 	}
 	err = u.updateDeviceList(&res)
 	if err != nil {
-		logger.WithError(err).WithField("user_id", userID).Error("Fetched device list but failed to store/emit it")
+		logger.WithError(err).Error("Fetched device list but failed to store/emit it")
 		return defaultWaitTime, err
 	}
 	return defaultWaitTime, nil