We have a Coverity bug for this line of code:
    snprintf(tempStr, size, testStrings[testID],
             A2DtoV(testResults[testID].value),
             A2DtoV(testResults[testID].min),
             A2DtoV(testResults[testID].max));
The error says:
non_const_printf_format_string: "format string is not a string literal,
potential security vulnerability if user controlled"
I changed testStrings to a const, but that didn't do anything:
    static const char *testStrings[] = {"1", ... etc};
Any ideas as to what this error is really saying?
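Added example, not part of the original post: the checker's message is about the format argument being a pointer chosen at run time rather than a string literal, which `const` on the table does not change. The sketch below keeps a table but bounds-checks the index and validates each entry before it reaches snprintf. The table contents, `format_is_safe` and `format_result` are hypothetical, and it assumes `A2DtoV` yields a floating-point value and each format takes exactly three of them.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the post's testStrings; the real entries are not
 * shown. Assumes each takes three floating-point values (A2DtoV results). */
static const char *const test_formats[] = {
    "Vcc: %.2f V (min %.2f, max %.2f)",
    "Load: %.1f%% (min %.1f, max %.1f)",
};
#define NUM_TESTS (sizeof test_formats / sizeof test_formats[0])

/* Return 1 only if fmt contains exactly `want` conversions of the form
 * %[.digits]f and no other directive except "%%". */
static int format_is_safe(const char *fmt, int want)
{
    int seen = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        p++;
        if (*p == '%') continue;      /* literal percent sign */
        if (*p == '.') {
            p++;
            while (*p >= '0' && *p <= '9') p++;
        }
        if (*p != 'f')
            return 0;                 /* %s, %n, %d or a dangling '%' */
        seen++;
    }
    return seen == want;
}

/* Hypothetical helper: bounds-check the index and validate the table entry
 * before it is used as a format. Returns -1 on rejection. */
static int format_result(char *buf, size_t size, size_t id,
                         double value, double min, double max)
{
    if (id >= NUM_TESTS || !format_is_safe(test_formats[id], 3))
        return -1;
    return snprintf(buf, size, test_formats[id], value, min, max);
}

int main(void)
{
    char buf[64];
    if (format_result(buf, sizeof buf, 0, 3.3, 3.0, 3.6) > 0)
        puts(buf);
    return 0;
}
```

Where the set of formats is fixed, passing each one as a string literal at its own snprintf call (for example one per switch case) is the form the checker message asks for, and it lets the compiler check the arguments against the format.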