katnip.legos.tlv module

TLV (tag/type-length-value) legos. Simplify fuzzing of TLV-based protocol.

class katnip.legos.tlv.TLV(name, tag, fields=None, tag_size=32, length_size=32, encoder=<kitty.model.low_level.encoder.BitFieldBinEncoder object>, fuzzable=True, fuzz_tag=False, fuzz_length=True)

Bases: kitty.model.low_level.container.Container

A container for fuzzing TLV elements, it represents a full binary TLV element.

__init__(name, tag, fields=None, tag_size=32, length_size=32, encoder=<kitty.model.low_level.encoder.BitFieldBinEncoder object>, fuzzable=True, fuzz_tag=False, fuzz_length=True)
Parameters:
  • name – name of the tlv element
  • tag – tag of element
  • fields – element fields, e.g. value (default: None)
  • tag_size – size of tag field in bits (default: 32)
  • length_size – size of length field in bits (default: 32)
  • encoder – encoder for tag and length fields (default: ENC_INT_BE)
  • fuzzable – should fuzz the element (default: True)
  • fuzz_tag – should fuzz the tag value (default: False)
  • fuzz_length – should fuzz the element length (default: True)
class katnip.legos.tlv.TLVFactory(tag_size=32, length_size=32, encoder=<kitty.model.low_level.encoder.BitFieldBinEncoder object>)

Bases: object

Factory class for TLV elements, which allows configuration for all TLV blocks, including:

  • Size of the tag/type field in bits
  • Size of the length field in bits
  • Encoder for tag and length fields
__init__(tag_size=32, length_size=32, encoder=<kitty.model.low_level.encoder.BitFieldBinEncoder object>)
Parameters:
  • tag_size – size of tag field in bits (default: 32)
  • length_size – size of length field in bits (default: 32)
  • encoder – encoder for tag and length (default: ENC_INT_BE)
element(name, tag, fields=None, fuzzable=True, fuzz_tag=False, fuzz_length=True)

Generate a TLV element.

Parameters:
  • name – name of the element
  • tag – value of the element tag
  • fields – fields of the element may be a field or list of fields - e.g. value (default: None)
  • fuzzable – should fuzz the element (default: True)
  • fuzz_tag – should fuzz the tag value (default: False)
  • fuzz_length – should fuzz the element length (default: True)