Decompress UPX packed binaries to extract golang build info (ELF formatted binaries with lzma method only)

[wagoodman]

This PR enhances the go binary cataloger to be able to decompress LMZA payloads from ELF formatted binaries that have been packed by UPX (a known practice to make the distributed binary size smaller).

This illustrates the main issue we're trying to overcome:

# a file with a hello world example...
$ GOOS=linux GOARCH=amd64 go build -o /tmp/app main.go

$ syft -q /tmp/app -o json | jq '.artifacts | length' 
262

$ upx --best --lzma --exact /tmp/app
...
        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
  93028902 ->  37142612   39.93%   linux/amd64   syft

$ syft -q /tmp/app -o json | jq '.artifacts | length'
0

$ go version -m /tmp/app    
/tmp/app: could not read Go build info from /tmp/app: not a Go executable

$ /tmp/app
hello!

What we want is for syft to be able to still catalog 262 packages from the final UPX packed binary (today we get nothing).

In the future we can expand this to be applied in other areas of syft:

• update the file executable cataloger to detect UPX features and raise up basic info (e.g. UPX packaged, LZMA method, etc...)
• update all other binary-based package catalogers (e.g. rust audit binary, .net binary, etc) to also be UPX aware and be able to unpack them
• expand support for binary formats (PE / macho) and architectures

Type of change

• New feature (non-breaking change which adds functionality)

Checklist

• I have added unit tests that cover changed behavior
• I have tested my code in common scenarios and confirmed there are no regressions
• I have added comments to my code, particularly in hard-to-understand sections

Issue references

• Fixes Support reading lzma compressed .go.buildinfo sections with upx #4411

[kzantow]

LGTM