diff --git a/CHANGELOG.md b/CHANGELOG.md
index 375a6733..515c12e8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,6 @@
 # Clixon Changelog
 
+* [4.10.0](#4100) Expected: February
 * [4.9.0](#490) 18 December 2020
 * [4.8.0](#480) 18 October 2020
 * [4.7.0](#470) 14 September 2020
@@ -25,6 +26,11 @@
 * [3.3.2](#332) Aug 27 2017
 * [3.3.1](#331) June 7 2017
 
+## 4.10.0
+Expected: February 2021
+
+### Corrected Bugs
+
 ## 4.9.0
 18 Dec 2020
 
diff --git a/configure b/configure
index e4fc7bda..4b81ef98 100755
--- a/configure
+++ b/configure
@@ -2259,9 +2259,9 @@ ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
 
 
 CLIXON_VERSION_MAJOR="4"
-CLIXON_VERSION_MINOR="9"
+CLIXON_VERSION_MINOR="10"
 CLIXON_VERSION_PATCH="0"
-CLIXON_VERSION="\"${CLIXON_VERSION_MAJOR}.${CLIXON_VERSION_MINOR}.${CLIXON_VERSION_PATCH}\""
+CLIXON_VERSION="\"${CLIXON_VERSION_MAJOR}.${CLIXON_VERSION_MINOR}.${CLIXON_VERSION_PATCH}.PRE\""
 
 # Check CLIgen
 if test "$prefix" = "NONE"; then
diff --git a/configure.ac b/configure.ac
index 2431beb6..9f44a294 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,9 +49,9 @@ AC_INIT(lib/clixon/clixon.h.in)
 AC_CONFIG_AUX_DIR(aux)
 
 CLIXON_VERSION_MAJOR="4"
-CLIXON_VERSION_MINOR="9"
+CLIXON_VERSION_MINOR="10"
 CLIXON_VERSION_PATCH="0"
-CLIXON_VERSION="\"${CLIXON_VERSION_MAJOR}.${CLIXON_VERSION_MINOR}.${CLIXON_VERSION_PATCH}\""
+CLIXON_VERSION="\"${CLIXON_VERSION_MAJOR}.${CLIXON_VERSION_MINOR}.${CLIXON_VERSION_PATCH}.PRE\""
 
 # Check CLIgen
 if test "$prefix" = "NONE"; then
diff --git a/example/main/example_cli.c b/example/main/example_cli.c
index 89fdcd85..300e800e 100644
--- a/example/main/example_cli.c
+++ b/example/main/example_cli.c
@@ -162,15 +162,20 @@ clixon_plugin_init(clicon_handle h)
  * In this case, assume string and increment characters, eg HAL->IBM
  */
 int
-incstr(cligen_handle h,
-       cg_var       *cv)
+cli_incstr(cligen_handle h,
+	   cg_var       *cv)
 {
     char *str;
     int i;
     
-    if (cv_type_get(cv) != CGV_STRING)
+    /* Filter out other than strings 
+     * this is specific to this example, one can do translation */
+    if (cv == NULL || cv_type_get(cv) != CGV_STRING)
 	return 0;
-    str = cv_string_get(cv);
+    if ((str = cv_string_get(cv)) == NULL){
+	clicon_err(OE_PLUGIN, EINVAL, "cv string is NULL");
+	return -1;
+    }
     for (i=0; i<strlen(str); i++)
 	str[i]++;
     return 0;
diff --git a/fuzz/README.md b/fuzz/README.md
new file mode 100644
index 00000000..18deafde
--- /dev/null
+++ b/fuzz/README.md
@@ -0,0 +1,3 @@
+# Fuzzing with AFL
+
+This is experimental
diff --git a/fuzz/backend/README.md b/fuzz/backend/README.md
new file mode 100644
index 00000000..793e7e0c
--- /dev/null
+++ b/fuzz/backend/README.md
@@ -0,0 +1,59 @@
+# Clixon fuzzing
+
+This dir contains code for fuzzing clixon backend. 
+
+It requires the preeny package to change sockets to stdio. 
+
+## Prereqs
+
+Preeny has a "desocketizing" module necessary to map stdio to the internal sockets that the backend uses. Install preeny example:
+```
+  sudo apt install libini-config-dev # debian/ubuntu
+  sudo apt install libseccomp-dev # debian/ubuntu
+  git clone https://github.com/zardus/preeny.git
+  cd preeny
+  make
+  sudo cp x86_64-linux-gnu/desock.so /usr/local/lib/ # install
+```
+
+See [AFL docs](https://afl-1.readthedocs.io/en/latest) for installing afl.
+On ubuntu this may be enough:
+```
+  sudo apt install afl
+```
+
+You may have to change cpu frequency:
+```
+  cd /sys/devices/system/cpu
+  echo performance | tee cpu?/cpufreq/scaling_governor
+```
+
+And possibly change core behaviour:
+```
+  echo core >/proc/sys/kernel/core_pattern
+```
+
+## Build
+
+Make a modification to how Clixon sends internal messages in `include/clixon_custom.h`:
+```
+  #define CLIXON_PROTO_PLAIN
+```
+
+Build clixon statically with the afl-clang compiler:
+```
+  CC=/usr/bin/afl-clang-fast LINKAGE=static ./configure --with-restconf=evhtp
+  make clean
+  make
+  sudo make install
+```
+
+## Run tests
+
+Populate the input/ dir with input usecases, there are two examples already in this dir that can be modified.
+Use the script `runfuzz.sh` to run one test:
+```
+  ./runfuzz.sh
+```
+
+After (or during) the test, investigate results in the output dir.
diff --git a/fuzz/backend/input/1.xml b/fuzz/backend/input/1.xml
new file mode 100644
index 00000000..9272e718
--- /dev/null
+++ b/fuzz/backend/input/1.xml
@@ -0,0 +1 @@
+<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="42" username="olof"><edit-config><target><candidate/></target><default-operation>none</default-operation><test-option>test-then-set</test-option><error-option>stop-on-error</error-option><config><interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"><interface><name>eth/0/0</name></interface></interfaces></config></edit-config></rpc>]]>]]>
diff --git a/fuzz/backend/input/2.xml b/fuzz/backend/input/2.xml
new file mode 100644
index 00000000..91636d32
--- /dev/null
+++ b/fuzz/backend/input/2.xml
@@ -0,0 +1 @@
+<hello username="olof" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="42"><capabilities><capability>urn:ietf:params:netconf:base:1.0</capability></capabilities></hello>]]>]]>
diff --git a/fuzz/backend/runfuzz.sh b/fuzz/backend/runfuzz.sh
new file mode 100755
index 00000000..1b656391
--- /dev/null
+++ b/fuzz/backend/runfuzz.sh
@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+# Run a fuzzing test using american fuzzy lop
+# Add input strings in input
+set -eux
+
+if [ $# -ne 0 ]; then 
+    echo "usage: $0 \n"
+    exit 255
+fi
+
+if [ ! -x /usr/local/lib/desock.so ] ; then
+    echo "preeny desock.so not found"
+    exit 255
+fi
+
+MEGS=500 # memory limit for child process (50 MB)
+
+# remove input and input dirs
+#test ! -d input || rm -rf input
+test ! -d output || sudo rm -rf output
+
+# create if dirs dont exists
+#test -d input || mkdir input
+test -d output || mkdir output
+
+APPNAME=example
+cfg=conf.xml
+
+cat <<EOF > $cfg
+<clixon-config xmlns="http://clicon.org/config">
+  <CLICON_CONFIGFILE>$cfg</CLICON_CONFIGFILE>
+  <CLICON_FEATURE>*:*</CLICON_FEATURE>
+  <CLICON_YANG_DIR>/usr/local/share/clixon</CLICON_YANG_DIR>
+  <CLICON_YANG_MODULE_MAIN>clixon-example</CLICON_YANG_MODULE_MAIN>
+  <CLICON_SOCK_FAMILY>IPv4</CLICON_SOCK_FAMILY>
+  <CLICON_SOCK_PORT>4535</CLICON_SOCK_PORT>
+  <CLICON_SOCK>127.0.0.1</CLICON_SOCK>
+  <CLICON_CLISPEC_DIR>/usr/local/lib/$APPNAME/clispec</CLICON_CLISPEC_DIR>
+  <CLICON_CLI_DIR>/usr/local/lib/$APPNAME/cli</CLICON_CLI_DIR>
+  <CLICON_CLI_MODE>$APPNAME</CLICON_CLI_MODE>
+  <CLICON_BACKEND_PIDFILE>/usr/local/var/$APPNAME/$APPNAME.pidfile</CLICON_BACKEND_PIDFILE>
+  <CLICON_XMLDB_DIR>/usr/local/var/$APPNAME</CLICON_XMLDB_DIR>
+  <CLICON_STARTUP_MODE>init</CLICON_STARTUP_MODE>
+  <CLICON_MODULE_LIBRARY_RFC7895>false</CLICON_MODULE_LIBRARY_RFC7895>
+</clixon-config>
+EOF
+
+# Run script 
+#  CC=/usr/bin/afl-clang 
+sudo LD_PRELOAD="/usr/local/lib/desock.so" afl-fuzz -i input -o output -d -m $MEGS -- /usr/local/sbin/clixon_backend -Fs init -f $cfg
+
+# Dryrun without afl:
+#echo "sudo LD_PRELOAD=\"/usr/local/lib/desock.so\" /usr/local/sbin/clixon_backend -Fs init -f ./conf.xml < input/1.xml"
+#sudo LD_PRELOAD="/usr/local/lib/desock.so" /usr/local/sbin/clixon_backend -Fs init -f ./conf.xml < input/1.xml
diff --git a/test/test_cli_translate.sh b/test/test_cli_translate.sh
new file mode 100755
index 00000000..57a4cc6e
--- /dev/null
+++ b/test/test_cli_translate.sh
@@ -0,0 +1,81 @@
+#!/usr/bin/env bash
+# CLI test for CLI translation function
+# Typical usecase is translate a cleartext to encrypt passwords. 
+# This example does not use crypt but increment a string and needs the
+# "cli_incstr()" function in the example cli plugin and the clixon-example.yang
+# The test adds a new cli statement but is based on examle_cli.cli
+# The diff here is the "translate" command that adds entry table/parameter=translate
+
+# Magic line must be first in script (see README.md)
+s="$_" ; . ./lib.sh || if [ "$s" = $0 ]; then exit 0; else return 0; fi
+
+APPNAME=example
+
+cfg=$dir/conf_yang.xml
+
+# Use yang in example
+
+cat <<EOF > $cfg
+<clixon-config xmlns="http://clicon.org/config">
+  <CLICON_CONFIGFILE>$cfg</CLICON_CONFIGFILE>
+  <CLICON_YANG_DIR>/usr/local/share/clixon</CLICON_YANG_DIR>
+  <CLICON_YANG_MODULE_MAIN>clixon-example</CLICON_YANG_MODULE_MAIN>
+  <CLICON_CLISPEC_DIR>$dir</CLICON_CLISPEC_DIR>
+  <CLICON_CLI_DIR>/usr/local/lib/$APPNAME/cli</CLICON_CLI_DIR>
+  <CLICON_CLI_MODE>$APPNAME</CLICON_CLI_MODE>
+  <CLICON_CLI_GENMODEL_TYPE>ALL</CLICON_CLI_GENMODEL_TYPE>
+  <CLICON_SOCK>/usr/local/var/$APPNAME/$APPNAME.sock</CLICON_SOCK>
+  <CLICON_BACKEND_PIDFILE>/usr/local/var/$APPNAME/$APPNAME.pidfile</CLICON_BACKEND_PIDFILE>
+  <CLICON_XMLDB_DIR>/usr/local/var/$APPNAME</CLICON_XMLDB_DIR>
+</clixon-config>
+EOF
+
+# The diff here is the "translate" command that adds entry table/parameter=translate
+cat<<EOF > $dir/example_cli.cli
+# Clixon example specification
+CLICON_MODE="example";
+CLICON_PROMPT="%U@%H %W> ";
+CLICON_PLUGIN="example_cli";
+
+translate <value:string translate:cli_incstr()>, cli_set("/clixon-example:table/parameter=translate/value");
+
+show("Show a particular state of the system"){
+    configuration("Show configuration"), cli_auto_show("datamodel", "candidate", "xml", false, false);
+}
+validate("Validate changes"), cli_validate();
+commit("Commit the changes"), cli_commit();
+quit("Quit"), cli_quit();
+EOF
+
+new "test params: -f $cfg"
+if [ $BE -ne 0 ]; then
+    new "kill old backend"
+    sudo clixon_backend -z -f $cfg
+    if [ $? -ne 0 ]; then
+	err
+    fi
+    new "start backend -s init -f $cfg"
+    start_backend -s init -f $cfg
+
+    new "waiting"
+    wait_backend
+fi
+
+new "translate abc -> table/parameter=translate/value = bcd"
+expectfn "$clixon_cli -1 -f $cfg translate abc" 0 ""
+
+new "show config"
+expectpart "$($clixon_cli -1 -f $cfg show config)" 0 "<table xmlns=\"urn:example:clixon\"><parameter><name>translate</name><value>bcd</value></parameter></table>"
+
+if [ $BE -new 0 ]; then
+    new "Kill backend"
+    # Check if premature kill
+    pid=$(pgrep -u root -f clixon_backend)
+    if [ -z "$pid" ]; then
+	err "backend already dead"
+    fi
+    # kill backend
+    stop_backend -f $cfg
+fi
+
+rm -rf $dir