fix for ZDI-11426

Avoid leaking un-initalized memory to clients by zeroing the
whole pixmap on initial allocation.

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Matthieu Herrb <>
Reviewed-by: Alan Coopersmith <>
4 jobs for master in 4 minutes and 35 seconds (queued for 1 second)