On Sat, Mar 30, 2013 at 8:09 AM, Sebastiano Di Paola
<sebastiano.dipaola@xxxxxxxxx> wrote:
> Hi all,
> I would like to know if there is a way to call a dissector and check it's
> return value..I mean the behavior I would like to achieve is the
> following...
> I have a blob of data that usually is json, but I don't have any chance to
> know it without trying to parse it...
> So I would like to do...
>
> <snip>
> decode other part of the packet and create the subtree where to append the
> maybe json data...
>
> try {
> decode the blob
> }
> catch {
> cannot decode...maybe it's not json..or wrongly formatted
> and then append to the current "subtree" as a blob
> }
>
> Is it possible to do it ? I mean trap the json dissector error/execption and
> then append the undecode/unkonw data as unknown to the same subtree?
It sounds like what you want is for JSON to register a heuristic
dissector. Then you can make a 'decode' call that will return a
boolean which is true only if decoding was successful - if not you can
append it as a blob. However, the JSON dissector doesn't do this (it
hasn't historically needed to) and making it do this is not
immediately trivial.
One 'workaround' would be to register a preference for your protocol
controlling whether the payloads are decoded as json or not. This
would probably be the least work to achieve approximately the desired
effect.
Cheers,
Evan