Fix PE linker relocation overflow handling.

When the section header IMAGE_SCN_LNK_NRELOC_OVFL is set then the relocation field has overflowed. The number can instead be found in the VirtualAddress of the first relocation.

This means that we start processing relocations at an offset of 1 but that we have VirtualAddress - 1 relocations left to process.

We had previously mistakenly not subtracted the 1 from VirtualAddress and so were reading outside the bounds that we were supposed to.

Fixes #17575 (closed)