diff --git a/changes/bug2328 b/changes/bug2328
index e5ce492a82..f1a4fa89c5 100644
--- a/changes/bug2328
+++ b/changes/bug2328
@@ -1,4 +1,8 @@
   o Minor bugfixes
     - Fix a bug where we would declare that we had run out of virtual
       addresses when the address space was only half-exhausted.  Bugfix
-      on 0.1.1.19-rc.
+      on 0.1.2.1-alpha.
+    - Correctly handle the case where AutomapHostsOnResolve is set but no
+      virtual addresses are available.  Fixes bug2328, bugfix on
+      0.1.2.1-alpha.  Bug found by doorss.
+
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 6c23775315..a01a6e38a1 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1142,6 +1142,8 @@ address_is_in_virtual_range(const char *address)
 /** Return a newly allocated string holding an address of <b>type</b>
  * (one of RESOLVED_TYPE_{IPV4|HOSTNAME}) that has not yet been mapped,
  * and that is very unlikely to be the address of any real host.
+ *
+ * May return NULL if we have run out of virtual addresses.
  */
 static char *
 addressmap_get_virtual_address(int type)
@@ -1199,14 +1201,15 @@ addressmap_get_virtual_address(int type)
  * allocated string.  If another address of the same type is already
  * mapped to <b>new_address</b>, try to return a copy of that address.
  *
- * The string in <b>new_address</b> may be freed, or inserted into a map
- * as appropriate.
+ * The string in <b>new_address</b> may be freed or inserted into a map
+ * as appropriate.  May return NULL if are out of virtual addresses.
  **/
 const char *
 addressmap_register_virtual_address(int type, char *new_address)
 {
   char **addrp;
   virtaddress_entry_t *vent;
+  int vent_needs_to_be_added = 0;
 
   tor_assert(new_address);
   tor_assert(addressmap);
@@ -1215,7 +1218,7 @@ addressmap_register_virtual_address(int type, char *new_address)
   vent = strmap_get(virtaddress_reversemap, new_address);
   if (!vent) {
     vent = tor_malloc_zero(sizeof(virtaddress_entry_t));
-    strmap_set(virtaddress_reversemap, new_address, vent);
+    vent_needs_to_be_added = 1;
   }
 
   addrp = (type == RESOLVED_TYPE_IPV4) ?
@@ -1225,6 +1228,7 @@ addressmap_register_virtual_address(int type, char *new_address)
     if (ent && ent->new_address &&
         !strcasecmp(new_address, ent->new_address)) {
       tor_free(new_address);
+      tor_assert(!vent_needs_to_be_added);
       return tor_strdup(*addrp);
     } else
       log_warn(LD_BUG,
@@ -1236,7 +1240,14 @@ addressmap_register_virtual_address(int type, char *new_address)
 
   tor_free(*addrp);
   *addrp = addressmap_get_virtual_address(type);
+  if (!*addrp) {
+    tor_free(vent);
+    tor_free(new_address);
+    return NULL;
+  }
   log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
+  if (vent_needs_to_be_added)
+    strmap_set(virtaddress_reversemap, new_address, vent);
   addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
 
 #if 0
@@ -1415,7 +1426,12 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
       const char *new_addr;
       new_addr = addressmap_register_virtual_address(
                               RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
-      tor_assert(new_addr);
+      if (! new_addr) {
+        log_warn(LD_APP, "Unable to automap address %s",
+                 escaped_safe_str(socks->address));
+        connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL);
+        return -1;
+      }
       log_info(LD_APP, "Automapping %s to %s",
                escaped_safe_str(socks->address), safe_str(new_addr));
       strlcpy(socks->address, new_addr, sizeof(socks->address));