diff --git a/backend/apps/scan/flows/site_scan_flow.py b/backend/apps/scan/flows/site_scan_flow.py
index d4916338..0dbd45b8 100644
--- a/backend/apps/scan/flows/site_scan_flow.py
+++ b/backend/apps/scan/flows/site_scan_flow.py
@@ -34,7 +34,8 @@ logger = logging.getLogger(__name__)
 def calculate_timeout_by_line_count(
 tool_config: dict,
 file_path: str,
- base_per_time: int = 1
+ base_per_time: int = 1,
+ min_timeout: int = 60
 ) -> int:
 """
 根据文件行数计算 timeout
@@ -45,9 +46,10 @@ def calculate_timeout_by_line_count(
 tool_config: 工具配置字典(此函数未使用,但保持接口一致性)
 file_path: 要统计行数的文件路径
 base_per_time: 每行的基础时间(秒),默认1秒
+ min_timeout: 最小超时时间(秒),默认60秒
 Returns:
- int: 计算出的超时时间(秒)
+ int: 计算出的超时时间(秒),不低于 min_timeout
 Example:
 timeout = calculate_timeout_by_line_count(
@@ -67,20 +69,20 @@ def calculate_timeout_by_line_count(
 # wc -l 输出格式:行数 + 空格 + 文件名
 line_count = int(result.stdout.strip().split()[0])
- # 计算 timeout:行数 × 每行基础时间
- timeout = line_count * base_per_time
+ # 计算 timeout:行数 × 每行基础时间,不低于最小值
+ timeout = max(line_count * base_per_time, min_timeout)
 logger.info(
 f"timeout 自动计算: 文件={file_path}, "
- f"行数={line_count}, 每行时间={base_per_time}秒, timeout={timeout}秒"
+ f"行数={line_count}, 每行时间={base_per_time}秒, 最小值={min_timeout}秒, timeout={timeout}秒"
 )
 return timeout
 except Exception as e:
 # 如果 wc -l 失败,使用默认值
- logger.warning(f"wc -l 计算行数失败: {e},使用默认 timeout: 600秒")
- return 600
+ logger.warning(f"wc -l 计算行数失败: {e},使用默认 timeout: {min_timeout}秒")
+ return min_timeout
 def _setup_site_scan_directory(scan_workspace_dir: str) -> Path:
diff --git a/backend/apps/scan/flows/url_fetch/main_flow.py b/backend/apps/scan/flows/url_fetch/main_flow.py
index 4328ceef..002c3cad 100644
--- a/backend/apps/scan/flows/url_fetch/main_flow.py
+++ b/backend/apps/scan/flows/url_fetch/main_flow.py
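Review bot: In the `except` branch of the last site_scan_flow.py hunk (`@@ -67,20 +69,20 @@`), a failed `wc -l` now falls back to `min_timeout` (60 s by default) instead of the previous 600 s, so the one case where the input size is unknown gets the shortest timeout the function can return. If the file is in fact large, the tool that consumes this value would presumably be cut off early and the scan would finish with partial coverage while only a warning is logged. Keeping the failure default separate from the floor avoids that, for example `return max(min_timeout, 600)`. The same change appears in the `@@ -37,18 +39,19 @@` hunk of url_fetch/utils.py. The function body starts above this hunk, so the `subprocess.run` arguments are not visible here.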
@@ -131,9 +131,9 @@ def _clean_urls_with_uro(
 tool_config=uro_config,
 file_path=merged_file,
 base_per_time=1,
+ min_timeout=60,
 )
- timeout = max(30, timeout)
- logger.info("uro 自动计算超时时间(按行数,每行 1 秒): %d 秒", timeout)
+ logger.info("uro 自动计算超时时间(按行数,每行 1 秒,最小 60 秒): %d 秒", timeout)
 else:
 try:
 timeout = int(raw_timeout)
@@ -202,11 +202,10 @@ def _validate_and_stream_save_urls(
 raw_timeout = httpx_config.get('timeout', 'auto')
 timeout = 3600
 if isinstance(raw_timeout, str) and raw_timeout == 'auto':
- # 按 URL 行数计算超时时间:每行 3 秒,不设上限
- timeout = url_count * 3
- timeout = max(600, timeout)
+ # 按 URL 行数计算超时时间:每行 3 秒,最小 60 秒
+ timeout = max(60, url_count * 3)
 logger.info(
- "自动计算 httpx 超时时间(按行数,每行 3 秒): url_count=%d, timeout=%d 秒",
+ "自动计算 httpx 超时时间(按行数,每行 3 秒,最小 60 秒): url_count=%d, timeout=%d 秒",
 url_count,
 timeout,
 )
diff --git a/backend/apps/scan/flows/url_fetch/utils.py b/backend/apps/scan/flows/url_fetch/utils.py
index 14e5a9ea..8a165b20 100644
--- a/backend/apps/scan/flows/url_fetch/utils.py
+++ b/backend/apps/scan/flows/url_fetch/utils.py
@@ -17,6 +17,7 @@ def calculate_timeout_by_line_count(
 tool_config: dict,
 file_path: str,
 base_per_time: int = 1,
+ min_timeout: int = 60,
 ) -> int:
 """
 根据文件行数自动计算超时时间
@@ -25,9 +26,10 @@ def calculate_timeout_by_line_count(
 tool_config: 工具配置(保留参数,未来可能用于更复杂的计算)
 file_path: 输入文件路径
 base_per_time: 每行的基础时间(秒)
+ min_timeout: 最小超时时间(秒),默认60秒
 Returns:
- int: 计算出的超时时间(秒)
+ int: 计算出的超时时间(秒),不低于 min_timeout
 """
 try:
 result = subprocess.run(
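Review bot: In the `@@ -202,11 +202,10 @@` hunk of main_flow.py, the auto httpx timeout `max(60, url_count * 3)` still has no ceiling, and the removed comment was the only place that said so ("不设上限"). `url_count` appears to come from the collected URL list, so a very large list yields a timeout of days and a stalled httpx run would hold the worker for that long. Consider clamping it, e.g. `timeout = min(max(60, url_count * 3), MAX_AUTO_TIMEOUT)`, where `MAX_AUTO_TIMEOUT` is a placeholder for a limit the project chooses, or at least keep the "no upper limit" remark in the new comment. The enclosing function starts and ends outside the hunk.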
@@ -37,18 +39,19 @@ def calculate_timeout_by_line_count(
 check=True,
 )
 line_count = int(result.stdout.strip().split()[0])
- timeout = line_count * base_per_time
+ timeout = max(line_count * base_per_time, min_timeout)
 logger.info(
- "timeout 自动计算: 文件=%s, 行数=%d, 每行时间=%d秒, timeout=%d秒",
+ "timeout 自动计算: 文件=%s, 行数=%d, 每行时间=%d秒, 最小值=%d秒, timeout=%d秒",
 file_path,
 line_count,
 base_per_time,
+ min_timeout,
 timeout,
 )
 return timeout
 except Exception as e:
- logger.warning("wc -l 计算行数失败: %s,将使用默认 timeout: 600秒", e)
- return 600
+ logger.warning("wc -l 计算行数失败: %s,将使用默认 timeout: %d秒", e, min_timeout)
+ return min_timeout
 def prepare_tool_execution(
diff --git a/backend/apps/scan/flows/vuln_scan/utils.py b/backend/apps/scan/flows/vuln_scan/utils.py
index 062a6907..fa555774 100644
--- a/backend/apps/scan/flows/vuln_scan/utils.py
+++ b/backend/apps/scan/flows/vuln_scan/utils.py
@@ -12,6 +12,7 @@ def calculate_timeout_by_line_count(
 tool_config: dict,
 file_path: str,
 base_per_time: int = 1,
+ min_timeout: int = 60,
 ) -> int:
 """
 根据文件行数自动计算超时时间
@@ -20,9 +21,10 @@ def calculate_timeout_by_line_count(
 tool_config: 工具配置(保留参数,未来可能用于更复杂的计算)
 file_path: 输入文件路径
 base_per_time: 每行的基础时间(秒)
+ min_timeout: 最小超时时间(秒),默认60秒
 Returns:
- int: 计算出的超时时间(秒)
+ int: 计算出的超时时间(秒),不低于 min_timeout
 """
 try:
 result = subprocess.run(
@@ -32,15 +34,16 @@ def calculate_timeout_by_line_count(
 check=True,
 )
 line_count = int(result.stdout.strip().split()[0])
- timeout = line_count * base_per_time
+ timeout = max(line_count * base_per_time, min_timeout)
 logger.info(
- "timeout 自动计算: 文件=%s, 行数=%d, 每行时间=%d秒, timeout=%d秒",
+ "timeout 自动计算: 文件=%s, 行数=%d, 每行时间=%d秒, 最小值=%d秒, timeout=%d秒",
 file_path,
 line_count,
 base_per_time,
+ min_timeout,
 timeout,
 )
 return timeout
 except Exception as e:
- logger.error("wc -l 计算行数失败: %s", e)
- raise RuntimeError(f"自动计算超时时间失败: {e}") from e
+ logger.warning("wc -l 计算行数失败: %s,使用最小超时: %d秒", e, min_timeout)
+ return min_timeout
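Review bot: In the last vuln_scan/utils.py hunk (`@@ -32,15 +34,16 @@`), the `except Exception` branch no longer raises `RuntimeError`; it logs a warning and returns `min_timeout`. Any failure of the line count, including a missing or unreadable input file, now lets the vulnerability scan proceed with a 60-second timeout, so a run that used to fail visibly can complete with few or no findings. Callers that handled the `RuntimeError` lose that signal without any change on their side. If the softer fallback is intended, narrow the handler to the errors the count can be expected to produce, e.g. `except (subprocess.CalledProcessError, ValueError, IndexError) as e:`, let everything else propagate, and state in the docstring that the function now falls back instead of raising. The `try` opens above this hunk, so the `subprocess.run` arguments are not visible here.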