fix(protocols): guard against zero/malformed length fields in binary protocol parsers

MongoDB had the same infinite-loop bug as MSSQL (msg_len=0 → buffer never
shrinks in while loop). Postgres, MySQL, and MQTT had related length-field
issues (stuck state, resource exhaustion, overlong remaining-length).

Also fixes an existing MongoDB _op_reply struct.pack format bug (extra 'q'
specifier caused struct.error on any OP_QUERY response).

Adds 53 regression + protocol boundary tests across MSSQL, MongoDB,
Postgres, MySQL, and MQTT, including a _run_with_timeout threading harness
to catch infinite loops and @pytest.mark.fuzz hypothesis tests for each.
2026-04-12 01:01:13 -04:00
parent 65d585569b
commit d63e396410
10 changed files with 894 additions and 2 deletions

@@ -191,6 +191,10 @@ class MQTTProtocol(asyncio.Protocol):
remaining = 0
multiplier = 1
while pos < len(self._buf):
if pos > 4: # MQTT spec: max 4 bytes for remaining length
self._transport.close()
self._buf = b""
return
byte = self._buf[pos]
remaining += (byte & 0x7f) * multiplier
multiplier *= 128
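
Review bot: The `if pos > 4` bound at the top of the `while pos < len(self._buf)` loop enforces the four-byte remaining-length limit only if `pos` starts at 1, the byte after the fixed header, and that initialisation is not visible in this hunk. Counting the length bytes consumed in their own variable, or comparing against a named constant relative to the starting offset, would keep the limit from silently depending on where `pos` begins. The check also fires only once a fifth byte is already buffered: four bytes with the continuation bit set and nothing after them leave the loop through the `while` condition instead, so it is worth confirming that a regression test covers that partial case and that something bounds how long such a connection can sit idle. Finally, the connection is closed and `self._buf` cleared with no log line in the visible code; recording the overlong length before `self._transport.close()` would make these rejections visible in operation.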