diff --git a/session/store.js b/session/store.js
index 3793877e..46ce6287 100644
--- a/session/store.js
+++ b/session/store.js
@@ -70,7 +70,13 @@ Store.prototype.load = function(sid, fn){
     if (err) return fn(err);
     if (!sess) return fn();
     var req = { sessionID: sid, sessionStore: self };
-    fn(null, self.createSession(req, sess))
+    try {
+      sess = self.createSession(req, sess)
+    } catch (e) {
+      err = e
+      sess = null
+    }
+    fn(err, sess)
   });
 };
 
diff --git a/test/session.js b/test/session.js
index 7416b261..fda9d499 100644
--- a/test/session.js
+++ b/test/session.js
@@ -490,6 +490,35 @@ describe('session()', function(){
     })
   })
 
+  describe('when session is corrupt', function () {
+    it('should return an error', function (done) {
+      var store = new session.MemoryStore()
+      var server = createServer({ store: store }, function (req, res) {
+        req.session.count = req.session.count || 0
+        req.session.count++
+        res.end('hits: ' + req.session.count)
+      })
+
+      store.get = function returnCorruptSession(sid, callback) {
+        callback(undefined, {});
+      }
+
+      request(server)
+      .get('/')
+      .expect(200, 'hits: 1', function (err, res) {
+        if (err) return done(err)
+        store.load(sid(res), function (err, sess) {
+          assert.ok(err);
+          assert.ok(err.message.match(/Cannot read prop/));
+          request(server)
+          .get('/')
+          .set('Cookie', cookie(res))
+          .expect(500, /Cannot read prop/, done)
+        })
+      })
+    })
+  })
+
   describe('when session expired in store', function () {
     it('should create a new session', function (done) {
       var count = 0