fix(c++): fix buffer read/write bound check

[chaokunyang]

Why?

This PR hardens C++ and Rust deserialization paths against truncated/corrupt inputs and prevents inconsistent type registration state. It also enforces that xlang/non-xlang payloads are deserialized by matching protocol configs.

What does this PR do?

• C++: lock type registration after first serialize/deserialize, and route all register APIs through guarded register_type(...).
• C++: reject protocol mismatch when payload is_xlang flag differs from local config.
• C++: make TypeResolver::register_type_internal validate uniqueness before committing entries, so failed registrations do not leak partial type info.
• C++: harden TypeMeta size handling and Buffer varint/fixed reads with strict bounds checks and non-advancing error behavior on truncated data.
• Rust: add overflow-safe reader bound checks for fixed-width reads and read_varuint36small.
• Rust: make row get(...) APIs return Result instead of panicking on out-of-bounds; propagate errors in map materialization.
• Tests: add C++ serialization/buffer regression tests and Rust buffer/row tests covering the new error paths.

Related issues

• None.

Does this PR introduce any user-facing change?

• Does this PR introduce any public API change?
• Does this PR introduce any binary protocol compatibility change?

Benchmark

• N/A