diff --git a/Doc/c-api/unicode.rst b/Doc/c-api/unicode.rst
--- a/Doc/c-api/unicode.rst
+++ b/Doc/c-api/unicode.rst
@@ -571,7 +571,7 @@
 
    Encode the :ctype:`Py_UNICODE` buffer of the given size using Unicode-Escape and
    return a Python string object.  Return *NULL* if an exception was raised by the
-   codec.
+   codec.  The *size* argument must be nonnegative.
 
    .. versionchanged:: 2.5
       This function used an :ctype:`int` type for *size*. This might require
@@ -599,11 +599,11 @@
       changes in your code for properly supporting 64-bit systems.
 
 
-.. cfunction:: PyObject* PyUnicode_EncodeRawUnicodeEscape(const Py_UNICODE *s, Py_ssize_t size, const char *errors)
+.. cfunction:: PyObject* PyUnicode_EncodeRawUnicodeEscape(const Py_UNICODE *s, Py_ssize_t size)
 
    Encode the :ctype:`Py_UNICODE` buffer of the given size using Raw-Unicode-Escape
    and return a Python string object.  Return *NULL* if an exception was raised by
-   the codec.
+   the codec.  The *size* argument must be nonnegative.
 
    .. versionchanged:: 2.5
       This function used an :ctype:`int` type for *size*. This might require
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -20,6 +20,9 @@
   no longer reads past the end of the provided Py_UNICODE buffer if
   the last character's value is between 0xD800 and 0xDC00.
 
+- Issue #7615: The Unicode escape encoders now check to make sure that
+  the provided size is nonnegative.
+
 - Issue #2335: Backport set literals syntax from Python 3.x.
 
 Library
diff --git a/Modules/cPickle.c b/Modules/cPickle.c
--- a/Modules/cPickle.c
+++ b/Modules/cPickle.c
@@ -1297,6 +1297,12 @@
     const Py_ssize_t expandsize = 6;
 #endif
 
+    /* make sure size is nonnegative */
+    if (size < 0) {
+        PyErr_BadInternalCall();
+        return NULL;
+    }
+
     if (size > PY_SSIZE_T_MAX / expandsize)
         return PyErr_NoMemory();
 
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -3017,6 +3017,12 @@
        escape.
     */
 
+    /* make sure size is nonnegative */
+    if (size < 0) {
+        PyErr_BadInternalCall();
+        return NULL;
+    }
+
     if (size > (PY_SSIZE_T_MAX - 2 - 1) / expandsize)
         return PyErr_NoMemory();
 
@@ -3287,6 +3293,12 @@
     const Py_ssize_t expandsize = 6;
 #endif
 
+    /* make sure size is nonnegative */
+    if (size < 0) {
+        PyErr_BadInternalCall();
+        return NULL;
+    }
+
     if (size > PY_SSIZE_T_MAX / expandsize)
         return PyErr_NoMemory();