From d290487382bc838af2d01c0a627c291249edcf4f Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <andrew@tridgell.net>
Date: Sat, 5 Dec 2015 06:55:52 +1100
Subject: [PATCH] circuit_breaker: prevent param fetch failure from disabling
 safety switch

if the param get failed then an uninitialised stack variable was used
for the safety disable on boot. In ArduPilot that value happened to
equal the correct magic due to stack passing from caller. This forced
safety off on boot
---
 src/modules/systemlib/circuit_breaker.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/modules/systemlib/circuit_breaker.cpp b/src/modules/systemlib/circuit_breaker.cpp
index ba9e9f6219..c5a94a43bd 100644
--- a/src/modules/systemlib/circuit_breaker.cpp
+++ b/src/modules/systemlib/circuit_breaker.cpp
@@ -48,9 +48,10 @@
 
 bool circuit_breaker_enabled(const char *breaker, int32_t magic)
 {
-	int32_t val;
-	(void)PX4_PARAM_GET_BYNAME(breaker, &val);
-
-	return (val == magic);
+	int32_t val = -1;
+	if (PX4_PARAM_GET_BYNAME(breaker, &val) == 0 && val == magic) {
+		return true;
+	}
+	return false;
 }