Do not pass variables directly to printf

When packaging for nix, I had to disable the "format security" hardening option because of these printf statements. They probably don't represent a serious security vulnerability (I haven't checked if the "header" and "footer" variables can be modified by the user), but it is better style in any case.