From 5bfc3e6b038ac4ec9de604bd10717bdef8b41915 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demiobenour@gmail.com>
Date: Thu, 10 Jul 2025 11:10:25 -0400
Subject: [PATCH] spa: v4l2: avoid integer wraparound to out of bounds read

I'm not sure if untrusted input can reach this point.
---
 spa/plugins/v4l2/v4l2-utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spa/plugins/v4l2/v4l2-utils.c b/spa/plugins/v4l2/v4l2-utils.c
index 96a5d73ed..e607e81d5 100644
--- a/spa/plugins/v4l2/v4l2-utils.c
+++ b/spa/plugins/v4l2/v4l2-utils.c
@@ -399,7 +399,7 @@ enum_filter_format(uint32_t media_type, int32_t media_subtype,
 				if (index == 0)
 					video_format = values[0];
 			} else {
-				if (index + 1 < n_values)
+				if (index < n_values - 1)
 					video_format = values[index + 1];
 			}
 		} else {