From af1e299dd43b6b68ef3bb178fe64b551c29ff6de Mon Sep 17 00:00:00 2001
From: Michael Kliewe <info@phpgangsta.de>
Date: Mon, 15 May 2023 00:06:07 +0200
Subject: [PATCH] Fix issue #282: Detect large date ranges in aggregate reports
 and skip processing (#408)

---
 parsedmarc/__init__.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/parsedmarc/__init__.py b/parsedmarc/__init__.py
index 62c6a97..b2a7dde 100644
--- a/parsedmarc/__init__.py
+++ b/parsedmarc/__init__.py
@@ -264,6 +264,8 @@ def parse_aggregate_report_xml(xml, ip_db_path=None, offline=False,
                                       "").replace(">", "").split("@")[0]
         new_report_metadata["report_id"] = report_id
         date_range = report["report_metadata"]["date_range"]
+        if (int(date_range["end"]) - int(date_range["begin"]) > 2*86400):
+            raise InvalidAggregateReport("The begin and end fields span too many hours, should be max 24 hours according to RFC 7489 section 7.2")
         date_range["begin"] = timestamp_to_human(date_range["begin"])
         date_range["end"] = timestamp_to_human(date_range["end"])
         new_report_metadata["begin_date"] = date_range["begin"]