williballenthin
diff --git a/‎indxparse/list_mft.py
Lines changed: 3 additions & 6 deletions b/‎indxparse/list_mft.py
Lines changed: 3 additions & 6 deletions
diff --git a/‎tests/Makefile
Lines changed: 11 additions & 3 deletions b/‎tests/Makefile
Lines changed: 11 additions & 3 deletions
diff --git a/‎tests/list_mft/7-ntfs-undel.dd.bodyfile
Lines changed: 76 additions & 0 deletions b/‎tests/list_mft/7-ntfs-undel.dd.bodyfile
Lines changed: 76 additions & 0 deletions
diff --git a/‎tests/list_mft/out.json renamed to ‎tests/list_mft/7-ntfs-undel.dd.json b/‎tests/list_mft/out.json renamed to ‎tests/list_mft/7-ntfs-undel.dd.json
diff --git a/‎tests/list_mft/7-ntfs-undel.dd.mft.bodyfile
Lines changed: 62 additions & 0 deletions b/‎tests/list_mft/7-ntfs-undel.dd.mft.bodyfile
Lines changed: 62 additions & 0 deletions
@@ -103,7 +103,7 @@ def format_bodyfile(
     attributes_text = ""
     if len(attributes) > 0:
         attributes_text = " (%s)" % (", ".join(attributes))
-    return "0|%s|%s|0|%d|0|%s|%s|%s|%s|%s\n" % (
+    return "0|%s|%s|0|%d|0|%s|%s|%s|%s|%s" % (
         path + attributes_text,
         inode,
         owner_id,
@@ -193,7 +193,7 @@ def output_mft_record(
     # si
     if si:
         try:
-            print(format_bodyfile(path, size, inode, si_index, si, tags), end=" ")
+            print(format_bodyfile(path, size, inode, si_index, si, tags))
         except UnicodeEncodeError:
             print("# failed to print: %s" % (list(path)))
 
@@ -203,7 +203,7 @@ def output_mft_record(
         if not record.is_active():
             tags.append("inactive")
         try:
-            print(format_bodyfile(path, size, inode, si_index, fn, tags), end=" ")
+            print(format_bodyfile(path, size, inode, si_index, fn, tags))
         except UnicodeEncodeError:
             print("# failed to print: %s" % (list(path)))
 
@@ -217,7 +217,6 @@ def output_mft_record(
                 format_bodyfile(
                     path + ":" + ads[0], ads[1], inode, si_index, si or {}, tags
                 ),
-                end=" ",
             )
         except UnicodeEncodeError:
             print("# failed to print: %s" % (list(path)))
@@ -230,7 +229,6 @@ def output_mft_record(
                 format_bodyfile(
                     path + "\\" + indx[0], indx[1], MREF(indx[2]), 0, indx[3], tags
                 ),
-                end=" ",
             )
         except UnicodeEncodeError:
             print("# failed to print: %s" % (list(path)))
@@ -242,7 +240,6 @@ def output_mft_record(
                 format_bodyfile(
                     path + "\\" + indx[0], indx[1], MREF(indx[2]), 0, indx[3], tags
                 ),
-                end=" ",
             )
         except UnicodeEncodeError:
             print("# failed to print: %s" % (list(path)))
 
@@ -21,7 +21,8 @@ all: \
 
 .PHONY: \
   all-console_scripts \
-  all-list_mft
+  all-list_mft \
+  all-tree_mft
 
 # TODO: This list of unimplemented tests lines up with setup.cfg.
 # * all-INDXParse
@@ -31,18 +32,25 @@ all: \
 # * all-extract_mft_record_slack
 # * all-fuse-mft
 # * all-get_file_info
-# * all-tree_mft
 all-console_scripts: \
-  all-list_mft
+  all-list_mft \
+  all-tree_mft
 
 all-list_mft:
 	$(MAKE) \
 	  --directory list_mft
 
+all-tree_mft:
+	$(MAKE) \
+	  --directory tree_mft
+
 check: \
   all
 
 clean:
+	@$(MAKE) \
+	  --directory tree_mft \
+	  clean
 	@$(MAKE) \
 	  --directory list_mft \
 	  clean
@@ -0,0 +1,76 @@
+0|\\$ORPHAN\$MFT|0|0|256|0|39936|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$MFT (filename)|0|0|256|0|39936|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$MFTMirr|1|0|256|0|4096|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$MFTMirr (filename)|1|0|256|0|4096|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$LogFile|2|0|256|0|2097152|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$LogFile (filename)|2|0|256|0|2097152|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Volume|3|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Volume (filename)|3|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$AttrDef|4|0|0|0|2560|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$AttrDef (filename)|4|0|0|0|2560|1078084677|1078084677|1078084677|1078084677
+0|\\|5|0|0|0|0|1078085971|1078085971|1078085971|1078084677
+0|\\ (filename)|5|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Bitmap|6|0|256|0|752|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Bitmap (filename)|6|0|256|0|752|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Boot|7|0|0|0|8192|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Boot (filename)|7|0|0|0|8192|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$BadClus|8|0|256|0|6160384|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$BadClus (filename)|8|0|256|0|6160384|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$BadClus:$Bad|8|0|256|0|6160384|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Secure|9|0|257|0|263140|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Secure (filename)|9|0|257|0|263140|0|0|0|-62135596800
+0|\\$ORPHAN\$Secure:$SDS|9|0|257|0|263140|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$UpCase|10|0|256|0|131072|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$UpCase (filename)|10|0|256|0|131072|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Extend|11|0|257|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Extend (filename)|11|0|257|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Extend\$ObjId (indx)|0|0|0|0|281474976710681|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$Extend\$Quota (indx)|0|0|0|0|281474976710680|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$Extend\$Reparse (indx)|0|0|0|0|281474976710682|1078084684|1078084684|1078084684|1078084684
+0|\\??|12|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\??|13|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\??|14|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\??|15|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\mult1.dat|32|0|260|0|0|1078084897|1078084897|1078084897|1078084897
+0|\\$ORPHAN\mult1.dat (filename)|32|0|260|0|0|1078084897|1078084897|1078084897|1078084897
+0|\\$ORPHAN\$MFT|0|0|256|0|39936|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$MFT (filename)|0|0|256|0|39936|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$MFTMirr|1|0|256|0|4096|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$MFTMirr (filename)|1|0|256|0|4096|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$LogFile|2|0|256|0|2097152|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$LogFile (filename)|2|0|256|0|2097152|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Volume|3|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Volume (filename)|3|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\$ORPHAN\$Quota|24|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$Quota (filename)|24|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$ObjId|25|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$ObjId (filename)|25|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$ObjId\ (indx)|0|0|0|0|3670048|0|-11560031107|0|0
+0|\\$ORPHAN\$Reparse|26|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\$Reparse (filename)|26|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\$ORPHAN\System Volume Information|27|0|258|0|0|1078085916|1078084751|1078084751|1078084750
+0|\\$ORPHAN\System Volume Information (filename)|27|0|258|0|0|1078084750|1078084750|1078084750|1078084750
+0|\\$ORPHAN\System Volume Information\tracking.log (indx)|20480|0|0|0|562949953421340|1078085172|1078085172|1078085172|1078084750
+0|\\$ORPHAN\tracking.log|28|0|259|0|20480|1078085172|1078085172|1078085172|1078084750
+0|\\$ORPHAN\tracking.log (filename)|28|0|259|0|20480|1078084751|1078084751|1078084751|1078084750
+0|\\$ORPHAN\frag1.dat (inactive)|29|0|260|0|1584|1078084840|1078084840|1078084840|1078084817
+0|\\$ORPHAN\frag1.dat (filename, inactive)|29|0|260|0|1584|1078084817|1078084817|1078084817|1078084817
+0|\\$ORPHAN\frag2.dat (inactive)|30|0|260|0|3873|1078084974|1078084974|1078084974|1078084829
+0|\\$ORPHAN\frag2.dat (filename, inactive)|30|0|260|0|3873|1078084829|1078084829|1078084829|1078084829
+0|\\$ORPHAN\sing1.dat (inactive)|31|0|260|0|780|1078084884|1078084884|1078084884|1078084884
+0|\\$ORPHAN\sing1.dat (filename, inactive)|31|0|260|0|780|1078084884|1078084884|1078084884|1078084884
+0|\\$ORPHAN\mult1.dat (inactive)|32|0|260|0|1234|1078084942|1078084942|1078084942|1078084897
+0|\\$ORPHAN\mult1.dat (filename, inactive)|32|0|260|0|1234|1078084897|1078084897|1078084897|1078084897
+0|\\$ORPHAN\mult1.dat:ADS (inactive)|32|0|260|0|1234|1078084942|1078084942|1078084942|1078084897
+0|\\$ORPHAN\dir1 (inactive)|33|0|261|0|0|1078084980|1078084980|1078084980|1078084980
+0|\\$ORPHAN\dir1 (filename, inactive)|33|0|261|0|0|1078084980|1078084980|1078084980|1078084980
+0|\\$ORPHAN\dir2 (inactive)|34|0|261|0|0|1078084983|1078084983|1078084983|1078084983
+0|\\$ORPHAN\dir2 (filename, inactive)|34|0|261|0|0|1078084983|1078084983|1078084983|1078084983
+0|\\$ORPHAN\frag3.dat (inactive)|35|0|260|0|2027|1078085029|1078085029|1078085029|1078085004
+0|\\$ORPHAN\frag3.dat (filename, inactive)|35|0|260|0|2027|1078085004|1078085004|1078085004|1078085004
+0|\\$ORPHAN\mult2.dat (inactive)|36|0|260|0|1715|1078085018|1078085018|1078085018|1078085018
+0|\\$ORPHAN\mult2.dat (filename, inactive)|36|0|260|0|1715|1078085018|1078085018|1078085018|1078085018
+0|\\$ORPHAN\res1.dat (inactive)|37|0|260|0|0|1078085137|1078085137|1078085137|1078085137
+0|\\$ORPHAN\res1.dat (filename, inactive)|37|0|260|0|0|1078085137|1078085137|1078085137|1078085137
+0|\\$ORPHAN\sing2.dat (inactive)|38|0|260|0|1005|1078085055|1078085055|1078085055|1078085055
+0|\\$ORPHAN\sing2.dat (filename, inactive)|38|0|260|0|1005|1078085055|1078085055|1078085055|1078085055
@@ -0,0 +1,62 @@
+0|\\\$MFT|0|0|256|0|39936|1078084677|1078084677|1078084677|1078084677
+0|\\\$MFT (filename)|0|0|256|0|39936|1078084677|1078084677|1078084677|1078084677
+0|\\\$MFTMirr|1|0|256|0|4096|1078084677|1078084677|1078084677|1078084677
+0|\\\$MFTMirr (filename)|1|0|256|0|4096|1078084677|1078084677|1078084677|1078084677
+0|\\\$LogFile|2|0|256|0|2097152|1078084677|1078084677|1078084677|1078084677
+0|\\\$LogFile (filename)|2|0|256|0|2097152|1078084677|1078084677|1078084677|1078084677
+0|\\\$Volume|3|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\\$Volume (filename)|3|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\\$AttrDef|4|0|0|0|2560|1078084677|1078084677|1078084677|1078084677
+0|\\\$AttrDef (filename)|4|0|0|0|2560|1078084677|1078084677|1078084677|1078084677
+0|\\|5|0|0|0|0|1078085971|1078085971|1078085971|1078084677
+0|\\ (filename)|5|0|0|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\\$Bitmap|6|0|256|0|752|1078084677|1078084677|1078084677|1078084677
+0|\\\$Bitmap (filename)|6|0|256|0|752|1078084677|1078084677|1078084677|1078084677
+0|\\\$Boot|7|0|0|0|8192|1078084677|1078084677|1078084677|1078084677
+0|\\\$Boot (filename)|7|0|0|0|8192|1078084677|1078084677|1078084677|1078084677
+0|\\\$BadClus|8|0|256|0|6160384|1078084677|1078084677|1078084677|1078084677
+0|\\\$BadClus (filename)|8|0|256|0|6160384|1078084677|1078084677|1078084677|1078084677
+0|\\\$BadClus:$Bad|8|0|256|0|6160384|1078084677|1078084677|1078084677|1078084677
+0|\\\$Secure|9|0|257|0|263140|1078084677|1078084677|1078084677|1078084677
+0|\\\$Secure (filename)|9|0|257|0|263140|0|0|0|-62135596800
+0|\\\$Secure:$SDS|9|0|257|0|263140|1078084677|1078084677|1078084677|1078084677
+0|\\\$UpCase|10|0|256|0|131072|1078084677|1078084677|1078084677|1078084677
+0|\\\$UpCase (filename)|10|0|256|0|131072|1078084677|1078084677|1078084677|1078084677
+0|\\\$Extend|11|0|257|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\\$Extend (filename)|11|0|257|0|0|1078084677|1078084677|1078084677|1078084677
+0|\\\$Extend\$ObjId (indx)|0|0|0|0|281474976710681|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$Quota (indx)|0|0|0|0|281474976710680|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$Reparse (indx)|0|0|0|0|281474976710682|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$Quota|24|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$Quota (filename)|24|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$ObjId|25|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$ObjId (filename)|25|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$ObjId\ (indx)|0|0|0|0|3670048|0|-11560031107|0|0
+0|\\\$Extend\$Reparse|26|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\\$Extend\$Reparse (filename)|26|0|257|0|0|1078084684|1078084684|1078084684|1078084684
+0|\\\System Volume Information|27|0|258|0|0|1078085916|1078084751|1078084751|1078084750
+0|\\\System Volume Information (filename)|27|0|258|0|0|1078084750|1078084750|1078084750|1078084750
+0|\\\System Volume Information\tracking.log (indx)|20480|0|0|0|562949953421340|1078085172|1078085172|1078085172|1078084750
+0|\\\System Volume Information\tracking.log|28|0|259|0|20480|1078085172|1078085172|1078085172|1078084750
+0|\\\System Volume Information\tracking.log (filename)|28|0|259|0|20480|1078084751|1078084751|1078084751|1078084750
+0|\\\frag1.dat (inactive)|29|0|260|0|1584|1078084840|1078084840|1078084840|1078084817
+0|\\\frag1.dat (filename, inactive)|29|0|260|0|1584|1078084817|1078084817|1078084817|1078084817
+0|\\\frag2.dat (inactive)|30|0|260|0|3873|1078084974|1078084974|1078084974|1078084829
+0|\\\frag2.dat (filename, inactive)|30|0|260|0|3873|1078084829|1078084829|1078084829|1078084829
+0|\\\sing1.dat (inactive)|31|0|260|0|780|1078084884|1078084884|1078084884|1078084884
+0|\\\sing1.dat (filename, inactive)|31|0|260|0|780|1078084884|1078084884|1078084884|1078084884
+0|\\\mult1.dat (inactive)|32|0|260|0|1234|1078084942|1078084942|1078084942|1078084897
+0|\\\mult1.dat (filename, inactive)|32|0|260|0|1234|1078084897|1078084897|1078084897|1078084897
+0|\\\mult1.dat:ADS (inactive)|32|0|260|0|1234|1078084942|1078084942|1078084942|1078084897
+0|\\\dir1 (inactive)|33|0|261|0|0|1078084980|1078084980|1078084980|1078084980
+0|\\\dir1 (filename, inactive)|33|0|261|0|0|1078084980|1078084980|1078084980|1078084980
+0|\\$ORPHAN\dir2 (inactive)|34|0|261|0|0|1078084983|1078084983|1078084983|1078084983
+0|\\$ORPHAN\dir2 (filename, inactive)|34|0|261|0|0|1078084983|1078084983|1078084983|1078084983
+0|\\$ORPHAN\frag3.dat (inactive)|35|0|260|0|2027|1078085029|1078085029|1078085029|1078085004
+0|\\$ORPHAN\frag3.dat (filename, inactive)|35|0|260|0|2027|1078085004|1078085004|1078085004|1078085004
+0|\\$ORPHAN\mult2.dat (inactive)|36|0|260|0|1715|1078085018|1078085018|1078085018|1078085018
+0|\\$ORPHAN\mult2.dat (filename, inactive)|36|0|260|0|1715|1078085018|1078085018|1078085018|1078085018
+0|\\\res1.dat (inactive)|37|0|260|0|0|1078085137|1078085137|1078085137|1078085137
+0|\\\res1.dat (filename, inactive)|37|0|260|0|0|1078085137|1078085137|1078085137|1078085137
+0|\\$ORPHAN\sing2.dat (inactive)|38|0|260|0|1005|1078085055|1078085055|1078085055|1078085055
+0|\\$ORPHAN\sing2.dat (filename, inactive)|38|0|260|0|1005|1078085055|1078085055|1078085055|1078085055