Defensive programming: Use tor_malloc_zero() in var_cell_new()

To be sure that we don't leak any memory to the network (a la CVE-2011-4576), it would be good if we used tor_malloc_zero() in var_cell_new(). We currently use tor_malloc() which does not clean memory.

We currently seem to be setting var_cell_t.payload and var_cell_t.payload_len correctly before calls to connection_or_write_var_cell_to_buf(), but it would be good to future-proof ourselves.