Hello!
I have a parent process that starts a child process, who then writes to its inherited stdout handle.
Perhaps think of the parent process as a cygwin shell and the child process as nano or something. I want to monitor the input / output of nano. Cygwin doesn't necessarily see the output of nano, as it could just write to its inherited stdout handle, writing to a console directly.
Solution 1: Don't let the child process inherit its stdout handle
Parent process creates an anonymous pipe, sets child process's output handle to the input handle of the pipe and starts a thread that reads from the pipe and writes to stdout, one character at a time.
I think this would be problematic for control characters and things like command line text editors that use console position. All that stuff would get nerfed.
For example, all these console functions wouldn't work: http://msdn.microsoft.com/en-us/library/windows/desktop/ms685032(v=vs.85).aspx
Please correct me if I'm wrong.
Solution 2: Monitor child process's stdout handle via some sort of filter driver
There are some great tutorials on File System filter drivers. My understanding is these will only catch stuff that actually goes to file.
So, is there some way to catch all writes to given handle?
One of those File System Filter Drivers with a couple tweaks?
Minifilter driver?
Is there some other driver stack I should be looking at?
Thanks!
Any suggestions or comments are appreciated. Anything at all!