This catches code like:
char buffer[25];
snprintf(buffer, 25, "format string");

It should of course be:
char buffer[25];
snprintf(buffer, sizeof(buffer), "format string");
