There are a number of instances where the code calls *printf() to
print arbitrary strings and the string is passed as the format
argument to *printf().  Since these strings might contain %
conversion sequences, this is a security hazard.  Fix the problem
by printing the strings with a "%s" format.