9ns: fix format-string vulnerability in cmderror()