diff --git a/_codeql_detected_source_root b/_codeql_detected_source_root
new file mode 120000
index 0000000..945c9b4
--- /dev/null
+++ b/_codeql_detected_source_root
@@ -0,0 +1 @@
+.
\ No newline at end of file
diff --git a/linux/system_date_time_format_plugin.cc b/linux/system_date_time_format_plugin.cc
index 3206544..94a907e 100644
--- a/linux/system_date_time_format_plugin.cc
+++ b/linux/system_date_time_format_plugin.cc
@@ -89,9 +89,10 @@ char* format_time(const char* time) {
 	char* formatted_time = (char*)malloc(BUFFER_LENGTH);
 	if (!formatted_time) return nullptr;
 	
+	const int MAX_REPLACEMENT_LENGTH = 10; // "hh:mm:ss a" is the longest
 	int pos = 0;
 	int i = 0;
-	while (time[i] != '\0' && pos < BUFFER_LENGTH - 15) {
+	while (time[i] != '\0' && pos < BUFFER_LENGTH - MAX_REPLACEMENT_LENGTH) {
 		if (time[i] == '%' && time[i + 1] != '\0') {
 			char specifier = time[i + 1];
 			const char* replacement = nullptr;