bluez5: Fix stack smashing crash in remote_endpoint_update_props()

Commit 2942bae034 introduced parsing of
"SupportedFeatures" which uses a third DBusMessageIter pointer.

*** stack smashing detected ***: terminated
==389050==
==389050== Process terminating with default action of signal 6 (SIGABRT)
==389050==    at 0x4F57B2C: __pthread_kill_implementation (pthread_kill.c:44)
==389050==    by 0x4F57B2C: __pthread_kill_internal (pthread_kill.c:78)
==389050==    by 0x4F57B2C: pthread_kill@@GLIBC_2.34 (pthread_kill.c:89)
==389050==    by 0x4EFE27D: raise (raise.c:26)
==389050==    by 0x4EE18FE: abort (abort.c:79)
==389050==    by 0x4EE27B5: __libc_message_impl.cold (libc_fatal.c:134)
==389050==    by 0x4FEFC48: __fortify_fail (fortify_fail.c:24)
==389050==    by 0x4FF0ED3: __stack_chk_fail (stack_chk_fail.c:24)
==389050==    by 0xBC1D1A1: remote_endpoint_update_props (bluez5-dbus.c:3137)
==389050==    by 0xB53609F: ???
==389050==    by 0x1DF: ???
==389050==    by 0x61C17BF: ??? (in /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.32.4)
==389050==    by 0x1DF: ???
==389050==    by 0xC5ED113: ???
Frédéric Danis 2026-01-30 10:36:26 +01:00
parent 69d8822303
commit 1a478c7147


@ -3102,11 +3102,13 @@ static int remote_endpoint_update_props(struct spa_bt_remote_endpoint *remote_en
spa_log_debug(monitor->log, "remote_endpoint %p: %s=%"PRIu64, remote_endpoint, key, remote_endpoint->hisyncid);
} else if (spa_streq(key, "SupportedFeatures")) {
DBusMessageIter iter;
if (!check_iter_signature(&it[1], "a{sv}"))
goto next;
dbus_message_iter_recurse(&it[1], &it[2]);
parse_supported_features(monitor, &it[2], &remote_endpoint->bap_features);
dbus_message_iter_recurse(&it[1], &iter);
parse_supported_features(monitor, &iter, &remote_endpoint->bap_features);
} else {
unhandled:
spa_log_debug(monitor->log, "remote_endpoint %p: unhandled key %s", remote_endpoint, key);
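Review bot: The new `DBusMessageIter iter;` in the "SupportedFeatures" branch has no comment saying why this branch must not reuse `it[]`, so a later edit could put `&it[2]` back and reintroduce the same out-of-bounds stack write. The declaration of `it` is outside the hunk; going by the commit message it presumably has only two elements, which should be confirmed against the top of `remote_endpoint_update_props()`. I would add `/* it[] has no third slot: recursing into it[2] overran the stack, keep a dedicated iterator here */` above the declaration. The stack protector only caught the overrun by aborting, so running this parsing path under a sanitizer build in CI would report the offending index directly if it recurs. The function body starts and ends outside the hunk.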