detect/transform: Add transform "validate" function

This commit adds an (optional) entry for a validation function. The
validation function, if present, will be used during rule processing.

Its role is to determine if the arguments are compatible with the
transform. E.g., a content string of "this string has whitespace" is not
compatible with the `strip_whitespace` transform.

diff --git a/src/detect.h b/src/detect.h
index 3d90519b736e8137bc012de835143ac6bcce6a5d..71cdc458b03b64616cd01a8d756c8e29c5cfc0bb 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -1189,6 +1189,7 @@ typedef struct SigTableElmt_ {
 
     /** InspectionBuffer transformation callback */
     void (*Transform)(InspectionBuffer *, void *context);
+    bool (*TransformValidate)(const uint8_t *content, uint16_t content_len, void *context);
 
     /** keyword setup function pointer */
     int (*Setup)(DetectEngineCtx *, Signature *, const char *);