Splits the project into a lean reader and a forensic analyzer, mirroring vhdx/vhdx-forensic and ewf/ewf-forensic.
New crate: vmdk-forensic 0.1.0
VmdkIntegrity — the evidence-grade analyzer. It reparses raw bytes (so it tolerates damaged images) and produces a severity-graded anomaly list via analyse():
validate_rgd()— redundant-GD adjudication by grain-table contents, not pointersgrain_directory_recovery()— per-entry RGD recovery triagecheck_integrity()— dangling GD/GT/grain pointer scan (VMDK4 sparse + seSparse)header_provenance()— unclean-shutdown / FTP-ASCII-mangling / flag bits- Fuzzed (
fuzz_forensic), saturating/bounds-checked throughout.
vmdk 0.4.0 (breaking)
Slimmed to the read-coupled surface. Removed (now in vmdk-forensic): validate_rgd, grain_directory_recovery, check_integrity, header_provenance and their report types. Kept: the RGD-fallback recovery read path (enable_rgd_fallback, rgd_recovery_count) and all reading/metadata.
Migrate: reader.check_integrity() → vmdk_forensic::VmdkIntegrity::new(reader).check_integrity().
vmdk verify now analyzes through vmdk-forensic; verify --recover reports "Integrity: OK after recovery".
Install
[dependencies]
vmdk = "0.4" # reader
vmdk-forensic = "0.1" # + integrity analysis