GSM A RR: fix de_rr_meas_res(): properly return consumed length

According to 3GPP TS 44.018 section 10.5.2.20, the Measurement Results
is a type 3 (TV) information element with 17 (1 + 16) octets length.

The respective dissection function is called as follows:

  ELEM_MAND_V(GSM_A_PDU_TYPE_RR, DE_RR_MEAS_RES, ...)
    elem_v(tvb, tree, pinfo, GSM_A_PDU_TYPE_RR, DE_RR_MEAS_RES, ...)
      de_rr_meas_res(tvb, subtree, pinfo, curr_offset, -1, ...)
                                                      ^^^
                                                      len

Note that elem_v() passes -1 as the len argument to de_rr_meas_res().
The later returns -1 casted to guint, and this is indeed wrong.
Moreover, the 'len' argument is marked as unused (_U_).

This bug creates a false impression that the Measurement Results IE
occupies more octets than it actually does when it's encapsulated
into some other protocol, e.g. A-bis/RSL.

Let's return value 16, which is known from the specs.

epan/dissectors/packet-gsm_a_rr.c

@@ -4343,7 +4343,10 @@ de_rr_meas_res(tvbuff_t *tvb, proto_tree *subtree, packet_info *pinfo _U_, guint
         no_ncell_m -= 1;
     }
 
-    return(len);
+
+    /* The Measurement Results is a type 3 information element with 17 octets length.
+     * Thus the value part is 17 - 1 == 16 octets long. */
+    return(16);
 }
 
 /*