It doesn't look like that's enough. A MIME file type is read by wiretap/mime-file.c, and it appears to look for a magic string at the beginning of the file to decide it's a mime file type. Since a json file won't match any of those magic strings, the file won't be opened as a mime file type.
I don't know how good the jsmn parse check is, but I suppose you could call it from within mime_file_open() after the magic check doesn't match, by reading in the whole file into string and trying the jsmn parse. Does jsmn parse() return false if it can't parse the *entire* string as JSON, or will it return true if it can parse even just the first newline-terminated line as JSON?
BTW, there's a bug in dissect_json_heur() in packet-json.c, where it calls tvb_get_string_enc() as ENC_ASCII, because I believe JSON is UTF-8 not ASCII.
-hadriel
On Jan 21, 2015, at 5:57 AM, Dario Lombardo <dario.lombardo.ml@xxxxxxxxx> wrote:
> Hi list,
>
> Now that the json dissector has became heuristic, I was trying to make wireshark open a native json file, like it is able to do it with xml.
> What is necessary to make it work other than add a line like
>
> heur_dissector_add("wtap_file", dissect_json_heur, proto_json);
>
> in the json dissector? I tried to read native file dissectors (like the file-png.c) and non-native (like packet-xml.c), but a went to a dead end.
> Anyone can help?
> Thanks.
> Dario.
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
