The flash_entry struct type in application_processor.c is used for saving information about provisioned components to flash memory. On the first initialization of the application board it creates an array of all the provisioned components from the header file and uses memcpy to copy it to flash_status, which is then written to flash.

The component_ids field of flash_entry is an array of 32 IDs - however, the build tools place no restriction on the number of component IDs that are passed in the arguments. If more than 32 component IDs are passed during the build AP step, the memcpy will write past the struct, corrupting the application's memory and breaking functionality.

We're assuming that an application firmware should be able to support more than two components because the detailed specifications do not mention a component count limit for an AP, and the scan_components method in the reference design loops through all 127 valid I2C addresses (except reserved ones) to check for the presence of components.