diff --git a/data-ipa-cfg-mgr/ipacm/src/Android.mk b/data-ipa-cfg-mgr/ipacm/src/Android.mk
index 101df25..404b3d5 100644
--- a/data-ipa-cfg-mgr/ipacm/src/Android.mk
+++ b/data-ipa-cfg-mgr/ipacm/src/Android.mk
@@ -24,9 +24,8 @@ LOCAL_C_INCLUDES += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
 LOCAL_ADDITIONAL_DEPENDENCIES := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
 
 
-LOCAL_CFLAGS := -v
-LOCAL_CFLAGS += -DFEATURE_IPA_ANDROID
-ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
+LOCAL_CFLAGS := -DFEATURE_IPA_ANDROID
+ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
 LOCAL_CFLAGS += -DDEBUG
 endif
 
diff --git a/data-ipa-cfg-mgr/ipacm/src/IPACM_Config.cpp b/data-ipa-cfg-mgr/ipacm/src/IPACM_Config.cpp
index d8c4227..0decd1b 100644
--- a/data-ipa-cfg-mgr/ipacm/src/IPACM_Config.cpp
+++ b/data-ipa-cfg-mgr/ipacm/src/IPACM_Config.cpp
@@ -482,7 +482,7 @@ int IPACM_Config::AddNatIfaces(char *dev_name)
 
 	if (ipa_nat_iface_entries < ipa_num_ipa_interfaces)
 	{
-		memcpy(pNatIfaces[ipa_nat_iface_entries - 1].iface_name,
+		strlcpy(pNatIfaces[ipa_nat_iface_entries - 1].iface_name,
 					 dev_name, IPA_IFACE_NAME_LEN);
 
 		IPACMDBG_H("Add Nat IfaceName: %s ,update nat-ifaces number: %d\n",
diff --git a/data-ipa-cfg-mgr/ipacm/src/IPACM_ConntrackClient.cpp b/data-ipa-cfg-mgr/ipacm/src/IPACM_ConntrackClient.cpp
index 146cedb..23724fd 100644
--- a/data-ipa-cfg-mgr/ipacm/src/IPACM_ConntrackClient.cpp
+++ b/data-ipa-cfg-mgr/ipacm/src/IPACM_ConntrackClient.cpp
@@ -169,10 +169,18 @@ int IPACM_ConntrackClient::IPA_Conntrack_Filters_Ignore_Bridge_Addrs
 	uint32_t ipv4_addr;
 	struct ifreq ifr;
 
+	if(strlen(IPACM_Iface::ipacmcfg->ipa_virtual_iface_name) >= sizeof(ifr.ifr_name))
+	{
+		IPACMERR("interface name overflows: len %d\n",
+			strlen(IPACM_Iface::ipacmcfg->ipa_virtual_iface_name));
+		close(fd);
+		return -1;
+	}
+
 	/* retrieve bridge interface ipv4 address */
 	memset(&ifr, 0, sizeof(struct ifreq));
 	ifr.ifr_addr.sa_family = AF_INET;
-	(void)strncpy(ifr.ifr_name, IPACM_Iface::ipacmcfg->ipa_virtual_iface_name, sizeof(ifr.ifr_name));
+	(void)strlcpy(ifr.ifr_name, IPACM_Iface::ipacmcfg->ipa_virtual_iface_name, sizeof(ifr.ifr_name));
 	IPACMDBG("bridge interface name (%s)\n", ifr.ifr_name);
 
 	ret = ioctl(fd, SIOCGIFADDR, &ifr);
diff --git a/data-ipa-cfg-mgr/ipacm/src/IPACM_Iface.cpp b/data-ipa-cfg-mgr/ipacm/src/IPACM_Iface.cpp
index 84132c9..8c37d80 100644
--- a/data-ipa-cfg-mgr/ipacm/src/IPACM_Iface.cpp
+++ b/data-ipa-cfg-mgr/ipacm/src/IPACM_Iface.cpp
@@ -924,30 +924,37 @@ int IPACM_Iface::ipa_get_if_index
   int * if_index
 )
 {
-  int fd;
-  struct ifreq ifr;
+	int fd;
+	struct ifreq ifr;
 
-  if((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
-  {
-    IPACMERR("get interface index socket create failed \n");
-    return IPACM_FAILURE;
-  }
+	if((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
+	{
+		IPACMERR("get interface index socket create failed \n");
+		return IPACM_FAILURE;
+	}
 
-  memset(&ifr, 0, sizeof(struct ifreq));
-  (void)strncpy(ifr.ifr_name, if_name, sizeof(ifr.ifr_name));
-  IPACMDBG_H("interface name (%s)\n", if_name);
+	if(strlen(if_name) >= sizeof(ifr.ifr_name))
+	{
+		IPACMERR("interface name overflows: len %d\n", strlen(if_name));
+		close(fd);
+		return IPACM_FAILURE;
+	}
 
-  if (ioctl(fd,SIOCGIFINDEX , &ifr) < 0)
-  {
-    IPACMERR("call_ioctl_on_dev: ioctl failed, interface name (%s):\n", ifr.ifr_name);
-    close(fd);
-    return IPACM_FAILURE;
-  }
+	memset(&ifr, 0, sizeof(struct ifreq));
+	(void)strlcpy(ifr.ifr_name, if_name, sizeof(ifr.ifr_name));
+	IPACMDBG_H("interface name (%s)\n", if_name);
 
-  *if_index = ifr.ifr_ifindex;
-  IPACMDBG_H("Interface index %d\n", *if_index);
-  close(fd);
-  return IPACM_SUCCESS;
+	if(ioctl(fd,SIOCGIFINDEX , &ifr) < 0)
+	{
+		IPACMERR("call_ioctl_on_dev: ioctl failed, interface name (%s):\n", ifr.ifr_name);
+		close(fd);
+		return IPACM_FAILURE;
+	}
+
+	*if_index = ifr.ifr_ifindex;
+	IPACMDBG_H("Interface index %d\n", *if_index);
+	close(fd);
+	return IPACM_SUCCESS;
 }
 
 void IPACM_Iface::config_ip_type(ipa_ip_type iptype)
diff --git a/data-ipa-cfg-mgr/ipacm/src/IPACM_Netlink.cpp b/data-ipa-cfg-mgr/ipacm/src/IPACM_Netlink.cpp
index 30295b1..186e196 100644
--- a/data-ipa-cfg-mgr/ipacm/src/IPACM_Netlink.cpp
+++ b/data-ipa-cfg-mgr/ipacm/src/IPACM_Netlink.cpp
@@ -689,12 +689,12 @@ static int ipa_nl_decode_nlmsg
 
 				/* Add IPACM support for ECM plug-in/plug_out */
 				/*--------------------------------------------------------------------------
-                                   Check if the interface is running.If its a RTM_NEWLINK and the interface
-                                    is running then it means that its a link up event
-                                ---------------------------------------------------------------------------*/
-                                if((msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_RUNNING) &&
-                                   (msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP))
-                                {
+                   Check if the interface is running.If its a RTM_NEWLINK and the interface
+                    is running then it means that its a link up event
+                ---------------------------------------------------------------------------*/
+                if((msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_RUNNING) &&
+                   (msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP))
+                {
 
 					data_fid = (ipacm_event_data_fid *)malloc(sizeof(ipacm_event_data_fid));
 					if(data_fid == NULL)
@@ -712,17 +712,17 @@ static int ipa_nl_decode_nlmsg
 					}
 					IPACMDBG("Got a usb link_up event (Interface %s, %d) \n", dev_name, msg_ptr->nl_link_info.metainfo.ifi_index);
 
-                                        /*--------------------------------------------------------------------------
-                                           Post LAN iface (ECM) link up event
-                                         ---------------------------------------------------------------------------*/
-                                        evt_data.event = IPA_USB_LINK_UP_EVENT;
+                    /*--------------------------------------------------------------------------
+                       Post LAN iface (ECM) link up event
+                     ---------------------------------------------------------------------------*/
+                    evt_data.event = IPA_USB_LINK_UP_EVENT;
 					evt_data.evt_data = data_fid;
-					IPACM_EvtDispatcher::PostEvt(&evt_data);
 					IPACMDBG_H("Posting usb IPA_LINK_UP_EVENT with if index: %d\n",
 										 data_fid->if_index);
-                                }
-                                else if(!(msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP))
-                                {
+					IPACM_EvtDispatcher::PostEvt(&evt_data);
+                }
+                else if (!(msg_ptr->nl_link_info.metainfo.ifi_flags & IFF_LOWER_UP))
+				{
 					data_fid = (ipacm_event_data_fid *)malloc(sizeof(ipacm_event_data_fid));
 					if(data_fid == NULL)
 					{
@@ -744,10 +744,10 @@ static int ipa_nl_decode_nlmsg
 					---------------------------------------------------------------------------*/
 					evt_data.event = IPA_LINK_DOWN_EVENT;
 					evt_data.evt_data = data_fid;
-					IPACM_EvtDispatcher::PostEvt(&evt_data);
 					IPACMDBG_H("Posting usb IPA_LINK_DOWN_EVENT with if index: %d\n",
 										 data_fid->if_index);
-                                }
+					IPACM_EvtDispatcher::PostEvt(&evt_data);
+				}
 			}
 			break;
 
diff --git a/data-ipa-cfg-mgr/ipacm/src/IPACM_Xml.cpp b/data-ipa-cfg-mgr/ipacm/src/IPACM_Xml.cpp
index 073dc98..6e779e7 100644
--- a/data-ipa-cfg-mgr/ipacm/src/IPACM_Xml.cpp
+++ b/data-ipa-cfg-mgr/ipacm/src/IPACM_Xml.cpp
@@ -267,8 +267,8 @@ static int ipacm_cfg_xml_parse_tree
 					{
 						str_size = strlen(content);
 						memset(content_buf, 0, sizeof(content_buf));
-						memcpy(content_buf, (void *)content, str_size);
-						strlcpy(config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name, content_buf, str_size+1);
+						strlcpy(content_buf, content, MAX_XML_STR_LEN);
+						strlcpy(config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name, content_buf, IPA_IFACE_NAME_LEN);
 						IPACMDBG_H("Name %s\n", config->iface_config.iface_entries[config->iface_config.num_iface_entries - 1].iface_name);
 					}
 				}
@@ -644,12 +644,9 @@ static int IPACM_firewall_xml_parse_tree
 						memset(content_buf, 0, sizeof(content_buf));
 						memcpy(content_buf, (void *)content, str_size);
 						content_buf[MAX_XML_STR_LEN-1] = '\0';
-						if (content_buf > 0)
-						{
-							config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr_mask
-								 = ntohl(inet_addr(content_buf));
-							IPACMDBG_H("IPv4 destination subnet mask is: %s \n", content_buf);
-						}
+						config->extd_firewall_entries[config->num_extd_firewall_entries - 1].attrib.u.v4.dst_addr_mask
+							 = ntohl(inet_addr(content_buf));
+						IPACMDBG_H("IPv4 destination subnet mask is: %s \n", content_buf);
 					}
 				}
 				else if (0 == IPACM_util_icmp_string((char*)xml_node->name, IPV4TypeOfService_TAG))
diff --git a/data-ipa-cfg-mgr/ipanat/src/ipa_nat_drvi.c b/data-ipa-cfg-mgr/ipanat/src/ipa_nat_drvi.c
index faa8c8c..9b96c44 100644
--- a/data-ipa-cfg-mgr/ipanat/src/ipa_nat_drvi.c
+++ b/data-ipa-cfg-mgr/ipanat/src/ipa_nat_drvi.c
@@ -1527,13 +1527,20 @@ int ipa_nati_del_ipv4_rule(uint32_t tbl_hdl,
 	struct ipa_nat_ip4_table_cache *tbl_ptr;
 	del_type rule_pos;
 	uint8_t tbl_indx = (uint8_t)(tbl_hdl - 1);
+	int ret;
 
 	/* Parse the rule handle */
 	ipa_nati_parse_ipv4_rule_hdl(tbl_indx, (uint16_t)rule_hdl,
 															 &expn_tbl, &tbl_entry);
 	if (IPA_NAT_INVALID_NAT_ENTRY == tbl_entry) {
 		IPAERR("Invalid Rule Entry\n");
-		return -EINVAL;
+		ret = -EINVAL;
+		goto fail;
+	}
+
+	if (pthread_mutex_lock(&nat_mutex) != 0) {
+		ret = -1;
+		goto mutex_lock_error;
 	}
 
 	IPADBG("Delete below rule\n");
@@ -1542,7 +1549,10 @@ int ipa_nati_del_ipv4_rule(uint32_t tbl_hdl,
 	tbl_ptr = &ipv4_nat_cache.ip4_tbl[tbl_indx];
 	if (!tbl_ptr->valid) {
 		IPAERR("invalid table handle\n");
-		return -EINVAL;
+		ret = -EINVAL;
+		if (pthread_mutex_unlock(&nat_mutex) != 0)
+			goto mutex_unlock_error;
+		goto fail;
 	}
 
 	ipa_nati_find_rule_pos(tbl_ptr, expn_tbl,
@@ -1551,7 +1561,10 @@ int ipa_nati_del_ipv4_rule(uint32_t tbl_hdl,
 
 	if (ipa_nati_post_del_dma_cmd(tbl_indx, tbl_entry,
 					expn_tbl, rule_pos)) {
-		return -EINVAL;
+		ret = -EINVAL;
+		if (pthread_mutex_unlock(&nat_mutex) != 0)
+			goto mutex_unlock_error;
+		goto fail;
 	}
 
 	ipa_nati_del_dead_ipv4_head_nodes(tbl_indx);
@@ -1565,7 +1578,22 @@ int ipa_nati_del_ipv4_rule(uint32_t tbl_hdl,
 	ipa_nat_dump_ipv4_table(tbl_hdl);
 #endif
 
+	if (pthread_mutex_unlock(&nat_mutex) != 0) {
+		ret = -1;
+		goto mutex_unlock_error;
+	}
+
 	return 0;
+
+mutex_lock_error:
+	IPAERR("unable to lock the nat mutex\n");
+	return ret;
+
+mutex_unlock_error:
+	IPAERR("unable to unlock the nat mutex\n");
+
+fail:
+	return ret;
 }
 
 void ReorderCmds(struct ipa_ioc_nat_dma_cmd *cmd, int size)
diff --git a/data-ipa-cfg-mgr/ipanat/test/Android.mk b/data-ipa-cfg-mgr/ipanat/test/Android.mk
index 4c94b56..6f83f08 100644
--- a/data-ipa-cfg-mgr/ipanat/test/Android.mk
+++ b/data-ipa-cfg-mgr/ipanat/test/Android.mk
@@ -43,11 +43,11 @@ LOCAL_SRC_FILES := ipa_nat_test000.c \
 
 LOCAL_SHARED_LIBRARIES := libipanat
 
-LOCAL_MODULE_TAGS := debug
+LOCAL_MODULE_TAGS := tests
 LOCAL_MODULE_PATH := $(TARGET_OUT_DATA)/kernel-tests/ip_accelerator
 
 include $(BUILD_EXECUTABLE)
 
 endif # $(TARGET_ARCH)
 endif
-endif
\ No newline at end of file
+endif