More DCE_RPC improvements.

- The logic for fragment handling has been rewritten and should be correct now.
 - There are now tunables for fragment handling overflow situations.
   - DCE_RPC::max_cmd_reassembly and DCE_RPC::max_frag_data
   - They result in weirds and analyzer removal.
 - Memory leak fixed by unique_ptr auto cleanup.
 - DCE_RPC is now intolerate of content gaps and will stop
   analyzing traffic if content gaps happen (like most other analyzers currently).

scripts/base/protocols/dce-rpc/consts.bro

@@ -2,6 +2,16 @@
 module DCE_RPC;
 
 export {
+	## The maximum number of simultaneous fragmented commands that
+	## the analyzer will tolerate before the analyzer will generate
+	## a weird and remove itself from the connection.
+	const max_cmd_reassembly = 20 &redef;
+
+	## The maximum number of fragmented bytes that will be tolerated 
+	## on a command before the analyzer will generate a weird and 
+	## remove itself from the connection.
+	const max_frag_data = 30000 &redef;
+
 	const uuid_endpoint_map: table[string] of string = {
 		["367abb81-9844-35f1-ad32-98f038001003"] = "svcctl",
 		["86d35949-83c9-4044-b424-db363231fd0c"] = "ITaskSchedulerService",