Resolve read-off-end-of-buffer on atoi in fetch_from_buf_http (TROVE-2016-10-001)

Since we're releasing the fuzzing code (#20893 (moved)) that reveals the underlying bug in #20384 (moved), we should also fix that bug.

It's entirely safe to fix the bug in 0.3.0, because the mitigation applied in #20384 (moved) works.

When we fix it, we should credit:

Discovered by fuzzing using afl: http://lcamtuf.coredump.cx/afl/

It would be nice to email the maintainer with this ticket number and let them know, so they can add it to their gallery.