diff --git a/scripts/base/protocols/socks/main.bro b/scripts/base/protocols/socks/main.bro
index ca35a3f5e4..052e666371 100644
--- a/scripts/base/protocols/socks/main.bro
+++ b/scripts/base/protocols/socks/main.bro
@@ -83,5 +83,8 @@ event socks_reply(c: connection, version: count, reply: count, sa: SOCKS::Addres
 event socks_reply(c: connection, version: count, reply: count, sa: SOCKS::Address, p: port) &priority=-5
 {
- Log::write(SOCKS::LOG, c$socks);
+ # This will handle the case where the analyzer failed in some way and was removed. We probably
+ # don't want to log these connections.
+ if ( "SOCKS" in c$service )
+ Log::write(SOCKS::LOG, c$socks);
 }
diff --git a/src/SOCKS.cc b/src/SOCKS.cc
index 0064f6e700..02429aa208 100644
--- a/src/SOCKS.cc
+++ b/src/SOCKS.cc
@@ -67,7 +67,14 @@ void SOCKS_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
 }
 else
 {
- interp->NewData(orig, data, data + len);
+ try
+ {
+ interp->NewData(orig, data, data + len);
+ }
+ catch ( const binpac::Exception& e )
+ {
+ ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
+ }
 }
 }
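Review bot: The new `"SOCKS" in c$service` guard in the priority -5 `socks_reply` handler silently drops the SOCKS log entry whenever the analyzer has been removed, so a connection that completed a real SOCKS exchange and then hit a parse failure leaves no record of the proxy request in this log. The added comment itself says "probably", so the intent looks unsettled. If the suppression stays, the comment should say where such connections remain visible, for example `# Analyzer was removed after a violation; skip the SOCKS log here, the violation itself is reported by the DPD framework.` That wording needs confirming against the DPD scripts, which are not part of this diff. The guard also assumes `c$service` already contains "SOCKS" by the time the reply event runs, which this hunk does not show.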
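Review bot: In the `else` branch of `DeliverStream`, the new `catch` reports the binpac exception through `ProtocolViolation()`, but nothing stops later calls from handing more data to the same `interp`, whose state after a throw out of `NewData()` is not established by anything visible here. Unless the script layer reliably removes the analyzer on the violation, consider stopping delivery in the handler, e.g. `SetSkip(true);` after the `ProtocolViolation(...)` call, if that matches how the other binpac-based analyzers in the tree behave. Passing the offending bytes as well, `ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()), (const char*) data, len);`, would give an analyst payload context for the violation, assuming the three-argument form is available in this tree. The function starts above the hunk, so the `if` branch paired with this `else` was not reviewed.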