The lower left pane contains the original program, and the lower right pane contains the program with qualifier annotations.
In this example, the call to getenv returns the value of environment variable LD_LIBRARY_PATH, which may be controlled by a malicious adversary. The result of getenv is stored first in s, then in t, and then is subsequently passed as a format-string argument to printf. Thus this program has a potential format-string vulnerability.