Resolve read-off-end-of-buffer on atoi in fetch_from_buf_http (TROVE-2016-10-001)
It's entirely safe to fix the bug in 0.3.0, because the mitigation applied in #20384 (moved) works.
When we fix it, we should credit:
Discovered by fuzzing using afl: http://lcamtuf.coredump.cx/afl/
It would be nice to email the maintainer with this ticket number and let them know, so they can add it to their gallery.