chore: clean paths in fusion driver

[tenthirtyam]

Description

Introduces improvements to the VMware Fusion by enhancing path handling for better security and reliability. It ensures all file paths are sanitized and converted to absolute paths before being used in commands. Additionally, it includes minor code adjustments for compliance with the gosec static analysis tool.

Path Handling Enhancements:

• Updated all functions (CompactDisk, CreateDisk, CreateSnapshot, IsRunning, Start, Stop, Clone) to sanitize file paths using filepath.Clean and convert them to absolute paths with filepath.Abs before passing them to commands. This prevents potential path traversal vulnerabilities and ensures consistent path handling. [1] [2] [3] [4] [5] [6]

Static Analysis Compliance:

• Added //nolint:gosec comments to suppress false positives from static analysis tools for commands using dynamic paths. [1] [2] [3] [4] [5] [6] [7] [8]

packer-plugin-vmware on  chore/clean-paths-in-fusion-driver [!?] via 🐹 v1.24.3 
➜ make build

packer-plugin-vmware on  chore/clean-paths-in-fusion-driver [!?] via 🐹 v1.24.3 took 3.8s 
➜ make dev  
packer plugins install --path packer-plugin-vmware "github.com/hashicorp/vmware"
Successfully installed plugin github.com/hashicorp/vmware from /Users/johnsonryan/Downloads/packer-plugin-vmware/packer-plugin-vmware to /Users/johnsonryan/.packer.d/plugins/github.com/hashicorp/vmware/packer-plugin-vmware_v1.1.1-dev_x5.0_darwin_amd64

packer-plugin-vmware on  chore/clean-paths-in-fusion-driver [!?] via 🐹 v1.24.3 took 4.7s 
➜ make test 
?       github.com/hashicorp/packer-plugin-vmware       [no test files]
ok      github.com/hashicorp/packer-plugin-vmware/builder/vmware/common 6.818s
ok      github.com/hashicorp/packer-plugin-vmware/builder/vmware/iso    2.139s
ok      github.com/hashicorp/packer-plugin-vmware/builder/vmware/vmx    2.723s
?       github.com/hashicorp/packer-plugin-vmware/version       [no test files]

[JenGoldstrich]

LGTM

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.