From 97c10c1e4616b3131c4bbef6a87a738b0f0ef1f5 Mon Sep 17 00:00:00 2001
From: Damien Crier <damien.crier@camptocamp.com>
Date: Fri, 4 Sep 2015 09:51:04 +0200
Subject: [PATCH] [FIX] replace eval() by safe_eval()

---
 account_easy_reconcile/base_reconciliation.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/account_easy_reconcile/base_reconciliation.py b/account_easy_reconcile/base_reconciliation.py
index 1a974412..9f350f83 100644
--- a/account_easy_reconcile/base_reconciliation.py
+++ b/account_easy_reconcile/base_reconciliation.py
@@ -20,6 +20,7 @@
 ##############################################################################
 
 from openerp.osv import fields, orm
+from openerp.tools.safe_eval import safe_eval
 from operator import itemgetter, attrgetter
 
 
@@ -106,7 +107,7 @@ class EasyReconcileBase(orm.AbstractModel):
         params = []
         if rec.filter:
             dummy, where, params = ml_obj._where_calc(
-                cr, uid, eval(rec.filter), context=context).get_sql()
+                cr, uid, safe_eval(rec.filter), context=context).get_sql()
             if where:
                 where = " AND %s" % where
         return where, params