detect/inspect: add flags to inspect buffer

src/detect-engine.c

@@ -1272,6 +1272,7 @@ int DetectEngineInspectBufferGeneric(
 
     uint8_t ci_flags = eof ? DETECT_CI_FLAGS_END : 0;
     ci_flags |= (offset == 0 ? DETECT_CI_FLAGS_START : 0);
+    ci_flags |= buffer->flags;
 
     det_ctx->discontinue_matching = 0;
     det_ctx->buffer_offset = 0;

src/detect.h

@@ -344,16 +344,17 @@ struct DetectEngineThreadCtx_;// DetectEngineThreadCtx;
  * Prefilter and inspection will only deal with 'inspect'. */
 
 typedef struct InspectionBuffer {
-    const uint8_t *inspect;     /**< active pointer, points either to ::buf or ::orig */
-    uint32_t inspect_len; /**< size of active data. See to ::len or ::orig_len */
+    const uint8_t *inspect; /**< active pointer, points either to ::buf or ::orig */
     uint64_t inspect_offset;
+    uint32_t inspect_len;   /**< size of active data. See to ::len or ::orig_len */
+    uint8_t flags;          /**< DETECT_CI_FLAGS_* for use with DetectEngineContentInspection */
 
+    uint32_t len;           /**< how much is in use */
     uint8_t *buf;
-    uint32_t len;   /**< how much is in use */
-    uint32_t size;  /**< size of the memory allocation */
+    uint32_t size;          /**< size of the memory allocation */
 
-    const uint8_t *orig;
     uint32_t orig_len;
+    const uint8_t *orig;
 } InspectionBuffer;
 
 /* inspection buffers are kept per tx (in det_ctx), but some protocols