diff -r 919a3487fb00 Modules/_pickle.c
--- a/Modules/_pickle.c	Sat Sep 26 17:47:02 2015 -0700
+++ b/Modules/_pickle.c	Sun Sep 27 09:31:31 2015 +0300
@@ -1193,7 +1193,7 @@ static Py_ssize_t
 {
     Py_ssize_t num_read;
 
-    if (self->next_read_idx > PY_SSIZE_T_MAX - n) {
+    if (n < 0 || self->next_read_idx > PY_SSIZE_T_MAX - n) {
         PickleState *st = _Pickle_GetGlobalState();
         PyErr_SetString(st->UnpicklingError,
                         "read would overflow (invalid bytecode)");
@@ -6135,7 +6135,7 @@ static PyObject *
 load(UnpicklerObject *self)
 {
     PyObject *value = NULL;
-    char *s = NULL;
+    char *s;
 
     self->num_marks = 0;
     self->proto = 0;