Check some message lengths. Make Bitfield more robust.

[walshb]

The code was panicking on some real packets it received:

1. "Pieces" message, with length too big for the buffer.
2. "Bitfield" message with zero length. This was then "capped" (using Bitfield.cap) to the correct value without allocating a bigger bitfield vector. Then it crashed on a later "Have" message.

The first message check is easy. For the second, I made the "Bitfield" type more robust and added some more checks to the "cap" operations.

[Luminarys]

Nice catches, thank for these fixes!