fix: reject oversized MonsterMove spline and fix loot format comment

Change WotLK MonsterMove pointCount > 1000 from cap-to-1000 to return
false. Capping caused the parser to read only 1000 of N points, leaving
the remaining point data unread and misaligning subsequent reads.

Also correct misleading loot response comment: Classic/TBC DO include
randomSuffix and randomPropertyId (22 bytes/item, same as WotLK). The
only WotLK difference is the quest item list appended after regular
items.

src/game/world_packets.cpp

@@ -3252,12 +3252,11 @@ bool MonsterMoveParser::parse(network::Packet& packet, MonsterMoveData& data) {
 
     if (pointCount == 0) return true;
 
-    // Cap pointCount to prevent excessive iteration from malformed packets.
     constexpr uint32_t kMaxSplinePoints = 1000;
     if (pointCount > kMaxSplinePoints) {
         LOG_WARNING("SMSG_MONSTER_MOVE: pointCount=", pointCount, " exceeds max ", kMaxSplinePoints,
-                    " (guid=0x", std::hex, data.guid, std::dec, "), capping");
-        pointCount = kMaxSplinePoints;
+                    " (guid=0x", std::hex, data.guid, std::dec, ")");
+        return false;
     }
 
     // Catmullrom or Flying → all waypoints stored as absolute float3 (uncompressed).