diff -up ht-2.0.22/asm/x86dis.cc.format-security ht-2.0.22/asm/x86dis.cc
--- ht-2.0.22/asm/x86dis.cc.format-security 2013-04-05 17:41:20.000000000 -0500
+++ ht-2.0.22/asm/x86dis.cc 2014-06-09 09:18:21.707398782 -0500
@@ -1218,15 +1218,15 @@ void x86dis::str_op(char *opstr, int *op
 default: {assert(0);}
 }
 if (!insn->rexprefix) {
- sprintf(opstr, x86_regs[j][op->reg]);
+ sprintf(opstr, "%s", x86_regs[j][op->reg]);
 } else {
- sprintf(opstr, x86_64regs[j][op->reg]);
+ sprintf(opstr, "%s", x86_64regs[j][op->reg]);
 }
 break;
 }
 case X86_OPTYPE_SEG:
 if (x86_segs[op->seg]) {
- sprintf(opstr, x86_segs[op->seg]);
+ sprintf(opstr, "%s", x86_segs[op->seg]);
 }
 break;
 case X86_OPTYPE_CRX:
diff -up ht-2.0.22/htpal.cc.format-security ht-2.0.22/htpal.cc
--- ht-2.0.22/htpal.cc.format-security 2007-05-08 18:30:13.000000000 -0500
+++ ht-2.0.22/htpal.cc 2014-06-09 09:16:56.236305958 -0500
@@ -305,7 +305,7 @@ void palette_entry::strvalue(char *buf32
 text = "normal";
 }
 p = tag_make_color(p, 32, VCP(fg, bg));
- p += sprintf(p, text);
+ p += sprintf(p, "%s", text);
 p = tag_make_default_color(p, 32);
 *p = 0;
 }
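Review bot: All three rewritten calls in str_op still write through `sprintf` with no bound on `opstr`, so the destination's capacity is enforced only by whatever the caller allocated, which is not visible in this hunk. The names come from the fixed tables `x86_regs`, `x86_64regs` and `x86_segs`, so the practical risk is probably small, but the assumption should be written down, for example `// opstr must have room for the longest register or segment name plus the terminating NUL`. If the caller's buffer size can be passed in, `snprintf(opstr, opstr_size, "%s", ...)` would turn that assumption into a check (`opstr_size` is a placeholder, not a name from the file). str_op begins and ends outside the hunk.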
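Review bot: The new `p += sprintf(p, "%s", text);` sits between two helpers that are each given a limit of `32`, yet the copy itself has no limit and the same `32` is passed again after `p` has moved forward. If that argument is meant as the space remaining in the buffer (the parameter name, cut off in the hunk header, looks like `buf32`), it overstates what is left once the colour tag and the text have been written. Recording the end of the buffer once and deriving the remaining length from it at each step, including the text copy, would keep the three writes inside one budget. Until then a comment such as `// text is one of a few short literals; the whole output must fit in the caller's buffer` would document what the code relies on. strvalue begins outside the hunk.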