Make safe_pickle_load function.

[LIFE-team2024]

Description

The code use pickle.load() in load_from_disk() function in BGEM3Index class. When the victim load a file with pickle.load() and the file contains a class that defines the reduce method, the method is automatically executed as part of Python’s pickle deserialization mechanism.

This flaw gives attackers the ability to trigger unintended code execution or run arbitrary commands.

And this provides safe_pickle_load function filters potentially dangerous functions based on white-box.

Huntr Bug Report for BGEM3Index Class

New Package?

Did I fill in the tool.llamahub section in the pyproject.toml and provide a detailed README.md for my new integration or package?

• Yes
• No

Version Bump?

Did I bump the version in the pyproject.toml file of the package I am updating? (Except for the llama-index-core package)

• Yes
• No

Type of Change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Your pull-request will likely not be merged unless it is covered by some form of impactful unit testing.

• I added new unit tests to cover this change
• I believe this change is already covered by existing unit tests

Suggested Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added Google Colab support for the newly added notebooks.
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• I ran make format; make lint to appease the lint gods