[MDEV-24770] COM_STMT_PREPARE wrong protocol behaviour when numerous columns Created: 2021-02-02  Updated: 2022-06-27

Status: Open
Project: MariaDB Server
Component/s: Protocol
Affects Version/s: 10.5
Fix Version/s: 10.5

Type: Bug Priority: Major
Reporter: Diego Dupin Assignee: Dmitry Shulga
Resolution: Unresolved Votes: 0
Labels: None


 Description   

The COM_STMT_PREPARE protocol result permits only 2 bytes for returning the number of columns.

COM_STMT_PREPARE_OK format:

* int<1> 0x00 COM_STMT_PREPARE_OK header
* int<4> statement id
* int<2> number of columns in the returned result set (or 0 if statement does not return result set)
* int<2> number of prepared statement parameters ('?' placeholders)
* string<1> -not used-
* int<2> number of warnings

If the number of columns is more than 65355, an error MUST be returned from the server.
The actual implementation sends unexpected data, resulting in a wrong connector state and an unusable connection.

Example:
Prepare a query 'SELECT 1, 1, 1, 1, ...' with 100 000 values '1'.
The result will be:

+--------------------------------------------------+
|  0  1  2  3  4  5  6  7   8  9  a  b  c  d  e  f |
+--------------------------------------------------+------------------+
| 0C 00 00 01 00 02 00 00  00 A0 86 00 00 00 00 00 | ................ |
+--------------------------------------------------+------------------+

Number of columns = A0 86 = value 34 644 (100000 - 65356), not 100000,
so connectors try to read 34 644 column definition packets, but there will be 65356 more.

Correction:
If the number of columns > 65355, an error has to be returned from the server, as is done when the number of parameters is too big (error "Prepared statement contains too many placeholders").
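
The following is an added example, not code from MariaDB or from the report: it decodes the packet bytes shown in the dump with the COM_STMT_PREPARE_OK layout listed above (preceded by the standard 3-byte length and 1-byte sequence header), and contrasts a wrapping encoder with one that rejects an oversized count. The function names and the wrapping model of the server's behaviour are assumptions made for illustration.

```python
import struct

MAX_U16 = 0xFFFF  # largest value an int<2> field can carry

# Packet bytes from the dump above: 4-byte packet header + 12-byte payload.
DUMP = bytes.fromhex("0C000001" "00" "02000000" "A086" "0000" "00" "0000")


def parse_prepare_ok(packet: bytes) -> dict:
    """Decode COM_STMT_PREPARE_OK using the field layout listed in the report."""
    if len(packet) < 4:
        raise ValueError("short packet header")
    length = int.from_bytes(packet[:3], "little")  # int<3> payload length
    payload = packet[4:4 + length]                 # packet[3] is the sequence id
    if length < 12 or len(payload) != length:
        raise ValueError("truncated COM_STMT_PREPARE_OK payload")
    header, stmt_id, columns, params, _unused, warnings = struct.unpack(
        "<BIHHBH", payload[:12])
    if header != 0x00:
        raise ValueError("not a COM_STMT_PREPARE_OK packet")
    return {"statement_id": stmt_id, "columns": columns,
            "params": params, "warnings": warnings}


def encode_count_wrapping(count: int) -> bytes:
    """Assumed model of the reported behaviour: high bits are silently dropped."""
    return struct.pack("<H", count & MAX_U16)


def encode_count_checked(count: int) -> bytes:
    """Behaviour the report asks for: refuse a count that int<2> cannot hold."""
    if not 0 <= count <= MAX_U16:
        raise OverflowError(f"column count {count} does not fit in int<2>")
    return struct.pack("<H", count)


def unread_definitions(real_columns: int, packet: bytes) -> int:
    """Column definition packets still queued after the client reads the announced count."""
    return real_columns - parse_prepare_ok(packet)["columns"]


if __name__ == "__main__":
    print(parse_prepare_ok(DUMP))
    print(unread_definitions(100_000, DUMP))
```

The leftover column definition packets returned by `unread_definitions` are what a connector would misread as the start of the next response, which is why the connection becomes unusable.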

