fix for ZDI-11426

Avoid leaking un-initalized memory to clients by zeroing the
whole pixmap on initial allocation.

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Matthieu Herrb <>
Reviewed-by: Alan Coopersmith <>
(cherry picked from commit a6b2cbe9)
3 jobs for server-1.20-branch in 5 minutes and 9 seconds (queued for 2 seconds)