To be sure that we don't leak any memory to the network (a la CVE-2011-4576), it would be good if we used `tor_malloc_zero()` in `var_cell_new()`. We currently use `tor_malloc()` which does not clean memory. We currently seem to be setting `var_cell_t.payload` and `var_cell_t.payload_len` correctly before calls to `connection_or_write_var_cell_to_buf()`, but it would be good to future-proof ourselves.