dump.c
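printf ("\n"); }}	/* tail of a definition that begins before this excerpt */

/*
 * Limits used while walking on-disk structures.  Everything dumped below
 * comes straight from the volume, so every offset and length is checked
 * against the buffer it was read into before it is followed.
 */
enum {
	DUMP_ATTR_HEADER_MIN = 0x18,	/* header bytes list_attr_mem reads for every attribute */
	DUMP_ATTR_NONRES_MIN = 0x3C,	/* end of the allocated/size/initialized fields */
	DUMP_ATTR_NONRES_COMPR_MIN = 0x44,	/* end of the compressed-size field */
	DUMP_INDEX_ENTRY_HEADER = 0x10,	/* bytes dumpdir_entry reads unconditionally */
	DUMP_INDEX_ENTRY_SUBNODE_MIN = 0x18,	/* header plus the trailing 8-byte block number */
	DUMP_INDEX_ENTRY_NAME_OFFSET = 0x50,	/* offset handed to print_name */
	DUMP_INDEX_RECORD_MAX = 8192,	/* size of the on-stack index record buffer */
	DUMP_INDEX_MAX_DEPTH = 32	/* cap on dumpdir_record nesting */
};

/* current nesting of dumpdir_record(); not thread-safe, like the rest of this dumper */
static int dump_index_depth;

/*
 * Display the list of runs of an attribute.
 *
 * start points at the encoded run list; runs are decoded with
 * ntfs_decompress_run() until vcnend - vcnstart clusters have been covered
 * or the decoder returns -1.  compressed is accepted but not used here.
 *
 * NOTE(review): the walk is bounded only by the VCN count and the decoder's
 * return value, not by the end of the attribute; callers must pass a pointer
 * that lies inside the record.  The %x conversions assume ntfs_cluster_t is
 * int-sized -- confirm against its typedef.
 */
static void dump_runs(unsigned char *start, int vcnstart, int vcnend,
		      int compressed)
{
	int length = 0;
	ntfs_cluster_t cluster = 0;
	int remaining = vcnend - vcnstart;
	int vcn = vcnstart;
	int ctype;

	while (remaining > 0 &&
	       ntfs_decompress_run(&start, &length, &cluster, &ctype) != -1) {
		remaining -= length;
		if (!ctype)
			printf("\tRun from %x to %x (VCN=%x)\n",
			       cluster, cluster + length - 1, vcn);
		else
			printf("\tCompression unit size %x\n", length);
		vcn += length;
	}
}

/*
 * Print the attribute list of the MFT record at rec.
 *
 * vol supplies mft_recordsize, which is taken as the size of the buffer at
 * rec.  The walk stops at the 0xFFFFFFFF end marker, at the end of the
 * record, or at the first attribute whose header or length does not fit in
 * the record (a zero length would otherwise loop forever, an oversized one
 * would walk off the buffer).
 */
void list_attr_mem(ntfs_volume *vol, char *rec)
{
	int recsize = vol->mft_recordsize;
	int offs;

	/* first attribute should start at *0x14 */
	offs = NTFS_GETU16(rec + 0x14);
	while (recsize - offs >= 4) {
		char *attr = rec + offs;
		int type, attr_length, resident, namelen, compressed;
		int stream_length = 0;	/* raw resident length, as stored on disk */
		int data_len = 0;	/* stream_length clamped to the attribute */
		int start_off;		/* offset of name / run list inside the attribute */

		printf("%4.4X:", offs);
		printf("Type %X ", type = NTFS_GETU32(attr));
		if (type == -1)
			break;
		if (recsize - offs < DUMP_ATTR_HEADER_MIN) {
			fprintf(stderr, "Attribute header at offset %X is truncated\n",
				offs);
			break;
		}
		/* offset to the next attribute */
		printf("Length %X ", attr_length = NTFS_GETU32(attr + 0x4));
		if (attr_length < DUMP_ATTR_HEADER_MIN ||
		    attr_length > recsize - offs) {
			fprintf(stderr, "Bad attribute length %X at offset %X\n",
				attr_length, offs);
			break;
		}
		resident = *(attr + 8) == '\0';
		compressed = *(attr + 0xC);
		if (resident) {
			stream_length = NTFS_GETU32(attr + 0x10);
			printf("resident ");
			if (*(attr + 0x16))
				printf("indexed ");
			/* the dumpers below are handed attr + 0x18, so clamp to what follows it */
			data_len = stream_length;
			if (data_len < 0 ||
			    data_len > attr_length - DUMP_ATTR_HEADER_MIN) {
				fprintf(stderr,
					"Stream length %X at offset %X exceeds the attribute\n",
					stream_length, offs);
				data_len = attr_length - DUMP_ATTR_HEADER_MIN;
			}
		}
		if (compressed)
			printf("compressed ");
		printf("Slot #%X ", NTFS_GETU16(attr + 14));
		/* position of attribute data if resident */
		start_off = NTFS_GETU8(attr + 10);
		if (start_off == 0 && attr_length >= 0x22)
			start_off = NTFS_GETU16(attr + 0x20);
		/* length attribute name, name starts at start_off */
		namelen = NTFS_GETU8(attr + 9);
		if (namelen != 0) {
			printf("named(");
			if (start_off + namelen * 2 <= attr_length)
				uniprint(attr + start_off, namelen);
			else
				fprintf(stderr,
					"Attribute name at offset %X runs past the attribute\n",
					offs);
			start_off += namelen * 2;
			printf(") ");
		}
		if (NTFS_GETU8(attr + 11))
			fprintf(stderr, "Found [B] at offset %X\n", offs);
		if (NTFS_GETU8(attr + 13))
			fprintf(stderr, "Found [D] at offset %X\n", offs);
		print_attr_type(vol, type);
		printf("\n");
		if (resident)
			printf("\tStream length 0x%X \n", stream_length);
		switch (type) {
		case 0x10:
			/* NOTE(review): reads an unknown number of bytes from attr + 0x18 */
			dump_standard_information(attr + 0x18);
			break;
		case 0x20:
			/* only a resident list has its data (and a length) in this record */
			if (resident)
				dump_attribute_list(attr + 0x18,
						    attr + 0x18 + data_len);
			break;
		case 0x30:
			/* NOTE(review): reads an unknown number of bytes from attr + 0x18 */
			dump_filename(attr + 0x18);
			break;
		case 0x50:
			if (resident)
				dump_security_descriptor(attr + 0x18, data_len);
			break;
		default:
			break;
		}
		if (!resident) {
			if (attr_length < DUMP_ATTR_NONRES_MIN) {
				fprintf(stderr,
					"Non-resident attribute at offset %X is too short\n",
					offs);
			} else {
				printf("\tAllocated %x, size %x, initialized %x",
				       NTFS_GETU32(attr + 0x28),
				       NTFS_GETU32(attr + 0x30),
				       NTFS_GETU32(attr + 0x38));
				if (compressed &&
				    attr_length >= DUMP_ATTR_NONRES_COMPR_MIN)
					printf(", compressed %x\n",
					       NTFS_GETU32(attr + 0x40));
				else
					putchar('\n');
				if (NTFS_GETU16(attr + 0x22))
					fprintf(stderr, "Found [22]=%x at offset %X\n",
						NTFS_GETU16(attr + 0x22), offs);
				if (NTFS_GETU32(attr + 0x24))
					fprintf(stderr, "Found [24] at offset %X\n",
						offs);
				if (start_off < attr_length)
					dump_runs((unsigned char *)attr + start_off,
						  NTFS_GETU32(attr + 0x10),
						  NTFS_GETU32(attr + 0x18),
						  compressed);
				else
					fprintf(stderr,
						"Run list of attribute at offset %X starts outside it\n",
						offs);
			}
		}
		offs += attr_length;
	}
	puts("");
}

/* Necessary forward reference */
static void dumpdir_entry(ntfs_inode* ino,char *entry);

/*
 * Read index block nextblock of ino's "$I30" index allocation into a stack
 * buffer and dump every entry in it.  Helper for dumpdir_record(), which
 * owns the nesting limit.
 *
 * ino->u.index.recordsize is filled in from disk by dumpdir(); it is
 * rejected here when it does not fit the buffer, because it is also the
 * size requested from ntfs_read_attr() (which presumably stores into
 * io.param).
 */
static void dumpdir_record_body(ntfs_inode *ino, int nextblock)
{
	char record[DUMP_INDEX_RECORD_MAX];
	size_t recsize = (size_t)ino->u.index.recordsize;
	size_t pos;
	int error;
	ntfs_io io;

	/* 0x1A: the entries offset at record + 0x18 must be readable */
	if (recsize < 0x1A || recsize > sizeof record) {
		printf("Unsupported index record size %lx\n",
		       (unsigned long)recsize);
		return;
	}
	io.fn_put = ntfs_put;
	io.fn_get = 0;
	io.param = record;
	io.size = ino->u.index.recordsize;
	/* NOTE(review): the byte offset is an int product and can overflow on large volumes */
	error = ntfs_read_attr(ino, ino->vol->at_index_allocation, "$I30",
			       nextblock * ino->vol->clustersize, &io);
	if (error || io.size != ino->u.index.recordsize) {
		printf("read failed\n");
		return;
	}
	if (!ntfs_check_index_record(ino, record)) {
		printf("Not a index record\n");
		return;
	}
	pos = (size_t)NTFS_GETU16(record + 0x18) + 0x18;
	for (;;) {
		char *entry;
		size_t length;

		if (pos > recsize || recsize - pos < DUMP_INDEX_ENTRY_HEADER) {
			printf("Index entry at %lx lies outside the record\n",
			       (unsigned long)pos);
			break;
		}
		entry = record + pos;
		length = NTFS_GETU16(entry + 8);
		if (length > recsize - pos) {
			printf("Index entry at %lx runs past the record\n",
			       (unsigned long)pos);
			break;
		}
		dumpdir_entry(ino, entry);
		if (*(entry + 0xC) & 2)	/* flag 2 marks the last entry */
			break;
		if (!length)
			break;
		pos += length;
	}
}

/*
 * Display a directory record.
 *
 * dumpdir_entry() calls back into this function for every entry that
 * carries a sub-node, so block numbers read from disk drive the recursion.
 * Each level holds an 8 KiB buffer on the stack; the depth cap stops an
 * index whose blocks refer to each other from exhausting it.
 */
static void dumpdir_record(ntfs_inode* ino,int nextblock)
{
	if (nextblock < 0) {
		printf("Bad index block %x\n", nextblock);
		return;
	}
	if (dump_index_depth >= DUMP_INDEX_MAX_DEPTH) {
		printf("Index nested too deeply, not descending\n");
		return;
	}
	dump_index_depth++;
	dumpdir_record_body(ino, nextblock);
	dump_index_depth--;
}

/*
 * Display all subentries, then display this entry.
 *
 * entry points at an index entry; the caller guarantees that the 16-byte
 * header and the length stored at entry + 8 lie inside its buffer.  The
 * checks here cover what depends on that length: the sub-node block number
 * in the last 8 bytes and the name handed to print_name().
 */
static void dumpdir_entry(ntfs_inode* ino,char *entry)
{
	int length = NTFS_GETU16(entry + 8);
	int flags = NTFS_GETU8(entry + 12);
	int used = (flags & 2) == 0;

	if (used)
		printf("\tinode %x\t", NTFS_GETU32(entry));
	if (NTFS_GETU8(entry + 13))
		fprintf(stderr, "Found [D] at %x\n", ino->i_number);
	if (NTFS_GETU16(entry + 14))
		fprintf(stderr, "Found [E] at %x\n", ino->i_number);
	if (flags & 1) {
		if (length < DUMP_INDEX_ENTRY_SUBNODE_MIN) {
			/* entry + length - 8 would point into or before the header */
			fprintf(stderr, "Index entry too short for a sub-node at %x\n",
				ino->i_number);
		} else {
			/* NOTE(review): the 64-bit block number is narrowed to int */
			int nextblock = NTFS_GETU64(entry + length - 8);

			printf("Going down to block %x\n", nextblock);
			dumpdir_record(ino, nextblock);
			printf("back to\tinode %x\t", NTFS_GETU32(entry));
		}
	}
	if (used) {
		if (length > DUMP_INDEX_ENTRY_NAME_OFFSET)
			print_name(entry + DUMP_INDEX_ENTRY_NAME_OFFSET);
		else
			printf("(entry too short to hold a name)\n");
	}
}

/*
 * Display an inode as directory.
 *
 * Reads the "$I30" index root into a buffer of mft_recordsize bytes, records
 * the index record size and clusters-per-record in ino->u.index, then dumps
 * the root entries (descending into sub-nodes through dumpdir_entry()).
 * The record size stored here comes from disk unchecked; dumpdir_record()
 * validates it before using it as a read size.
 */
void dumpdir(ntfs_inode *ino)
{
	int bufsize = ino->vol->mft_recordsize;
	size_t limit;
	size_t pos;
	char *buf;
	ntfs_io io;

	/* the first entry header is read at 0x20 */
	if (bufsize < 0x20 + DUMP_INDEX_ENTRY_HEADER) {
		printf("MFT record size %x too small for an index root\n",
		       bufsize);
		return;
	}
	limit = (size_t)bufsize;
	/* zeroed so that a short read is walked as empty entries, not stale heap data */
	buf = calloc(1, limit);
	if (!buf) {
		printf("Out of memory\n");
		return;
	}
	io.fn_put = ntfs_put;
	io.fn_get = 0;
	io.param = buf;
	io.size = bufsize;
	if (ntfs_read_attr(ino, ino->vol->at_index_root, "$I30", 0, &io)) {
		printf("Not a directory\n");
		free(buf);
		return;
	}
	ino->u.index.recordsize = NTFS_GETU32(buf + 0x8);
	ino->u.index.clusters_per_record = NTFS_GETU32(buf + 0xC);
	/* FIXME: consistency check */
	pos = 0x20;
	while (1) {
		char *data;
		size_t length;

		if (limit - pos < DUMP_INDEX_ENTRY_HEADER) {
			printf("Index entry at %lx lies outside the index root\n",
			       (unsigned long)pos);
			break;
		}
		data = buf + pos;
		length = NTFS_GETU16(data + 8);
		if (length > limit - pos) {
			printf("Index entry at %lx runs past the index root\n",
			       (unsigned long)pos);
			break;
		}
		dumpdir_entry(ino, data);
		if (NTFS_GETU8(data + 12) & 2)	/* flag 2 marks the last entry */
			break;
		if (!length) {
			printf("length==0!!\n");
			break;
		}
		pos += length;
	}
	free(buf);
}

#if 0
/* print c, escaping everything outside 32..127 (compiled out with its only user) */
static void putchar1(unsigned char c)
{
	if(c>=32 && c<=127)
		putchar(c);
	else switch(c)
	{
	case 10: printf("\\n");break;
	case 13: printf("\\r");break;
	default: printf("\\%o",c);
	}
}
#endif

/*
 * Formerly dumped the decompressed contents of one run of a compressed data
 * attribute; now only reports that it is obsolete.  ino, run and verbose
 * are unused by the live code.
 *
 * The body under #if 0 is kept for reference only.  It does not build as
 * written (it uses vol and error without declaring them) and it copies
 * back-references through clear[] with no range check on clear_pos or
 * delta1, so it would need bounds checks on the output buffer and on the
 * compressed input before being re-enabled.
 */
void dump_decompress(ntfs_inode *ino, int run, int verbose)
{
	printf("Function is obsolete\n"); /* FIXME: really? */
#if 0
	int block,len,clear_pos;
	unsigned char *compressed;
	char clear[16384];
	int tag=0,bits,charmode;
	int ctype;
	unsigned char *data;
	int offset=0;
	unsigned char *attr=ntfs_get_attr(ino,AT_DATA,0);
	ntfs_io io;
	io.fn_put=ntfs_put;
	io.fn_get=0;
	if(!attr)
	{
		fprintf(stderr,"No data attribute in this inode\n");
		return;
	}
	if(attr->resident)
	{
		fprintf(stderr,"Attribute is resident\n");
		return;
	}
	if(!attr->compressed)
	{
		fprintf(stderr,"Data attribute is not compressed\n");
		return;
	}
	/*Skip name and valueoffset*/
	attr+=NTFS_GETU16(attr+0x20)+NTFS_GETU8(attr+9);
	block=0;
	do{
		ntfs_decompress_run(&attr,&len,&block,&ctype);
	}while(run--);
	compressed=(char*)malloc(len*vol->clustersize);
	io.param=compressed;
	io.do_read=1;
	error=ntfs_getput_clusters(vol,block,0, len*vol->clustersize,&io);
	if(error)
		fprintf(stderr,"Error reading block %x\n",block);
	data=compressed;
	while(*(data+1) & 0xF0)
	{
		int block_size;
		unsigned char *stop;
		block_size = *(unsigned short*)data;
		if(verbose)printf("Head %x",block_size);
		block_size &= 0xFFF;
		data+=2;
		offset+=2;
		stop = data + block_size;
		bits=0;
		charmode=0;
		clear_pos=0;
		while(data<=stop)
		{
			if(!bits){
				if(verbose)printf("\nOffset %x",offset);
				charmode=0;
				tag=*data;
				bits=8;
				data++;
				offset++;
				if(data>stop)
					break;
			}
			if(tag&1){
				int i,len,delta,delta1=0;
				delta = *(unsigned short*)(data);
				len=*data;
				len&=0x1f;
				if(clear_pos<=0x10)
				{
					delta1=delta>>12;
					len = delta & 0xFFF;
				}
				else if(clear_pos<=0x20)
				{
					delta1=delta>>11;
					len = delta & 0x7FF;
				}
				else if(clear_pos<=0x40)
				{
					delta1=delta>>10;
					len = delta & 0x3FF;
				}
				else if(clear_pos<=0x80)
				{
					delta1=delta>>9;
					len = delta & 0x1FF;
				}
				else if(clear_pos<=0x100)
				{
					delta1=delta>>8;
					len = delta & 0xFF;
				}
				else if(clear_pos<=0x200)
				{
					delta1=delta>>7;
					len = delta & 0x7F;
				}
				else if(clear_pos<=0x400)
				{
					delta1=delta>>6;
					len = delta & 0x3F;
				}
				else if(clear_pos<=0x800)
				{
					delta1=delta>>5;
					len = delta & 0x1F;
				}
				else if(clear_pos<=0x1000)
				{
					delta1=delta>>4;
					len = delta & 0xF;
				}else
					fprintf(stderr,"NOW WHAT?\n");
				len+=3;
				if(verbose)printf("\n%8.8X:len %x(%x) delta %x(%x) ",
						  clear_pos,len,*data,delta,delta1);
				charmode=0;
				for(i=0;i<len;i++)
				{
					if(verbose)
						putchar1(clear[clear_pos-delta1-1]);
					else
						putchar(clear[clear_pos-delta1-1]);
					clear[clear_pos]=clear[clear_pos-delta1-1];
					clear_pos++;
				}
				data+=2;
				offset+=2;
			}else{
				if(verbose)if(!charmode)
					printf("\n%8.8X:",clear_pos);
				if(verbose)
					putchar1(*data);
				else
					putchar(*data);
				clear[clear_pos++]=*data;
				data++;
				offset++;
				charmode=1;
			}
			tag>>=1;
			bits--;
		}
		if(verbose)putchar('\n');
	}/*while*/
#endif
}

/*
 * Print a summary of an in-memory inode: its number, attribute count and
 * MFT record count, then for each attribute its type, optional name, and
 * either "resident" or its run list with the running VCN.
 *
 * NOTE(review): this walks the already-parsed ino->attrs array; the counts
 * and run lists are trusted to have been validated when the inode was
 * loaded -- confirm against the loader.
 */
void dump_inode(ntfs_inode *ino)
{
	int i;

	printf("Inode %d, %d attributes, %d mft clusters\n",
	       ino->i_number, ino->attr_count, ino->record_count);
	for (i = 0; i < ino->attr_count; i++) {
		int j;
		int vcn = 0;

		printf("attribute %X", ino->attrs[i].type);
		if (ino->attrs[i].name) {
			printf(" named(");
			uniprint((char*)ino->attrs[i].name, ino->attrs[i].namelen);
			printf(")\n");
		} else {
			printf("\n");
		}
		if (ino->attrs[i].resident) {
			printf(" resident\n");
			continue;
		}
		for (j = 0; j < ino->attrs[i].d.r.len; j++) {
			printf(" Run %d from %x len %x (VCN=%x)\n", j,
			       ino->attrs[i].d.r.runlist[j].cluster,
			       ino->attrs[i].d.r.runlist[j].len, vcn);
			vcn += ino->attrs[i].d.r.runlist[j].len;
		}
	}
}

/*
 * Local variables:
 * c-file-style: "linux"
 * End:
 */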