diff -r 829117ae2e55 Objects/listobject.c
--- a/Objects/listobject.c	Tue Jul 19 16:46:09 2016 -0500
+++ b/Objects/listobject.c	Fri Jul 22 16:06:42 2016 +0800
@@ -488,9 +488,9 @@
         return NULL;
     }
 #define b ((PyListObject *)bb)
+    if (Py_SIZE(a) > PY_SSIZE_T_MAX - Py_SIZE(b))
+        return PyErr_NoMemory();
     size = Py_SIZE(a) + Py_SIZE(b);
-    if (size < 0)
-        return PyErr_NoMemory();
     np = (PyListObject *) PyList_New(size);
     if (np == NULL) {
         return NULL;
@@ -841,18 +841,20 @@
         return NULL;
     }
     m = Py_SIZE(self);
-    mn = m + n;
-    if (mn >= m) {
+    if (m > PY_SSIZE_T_MAX - n)
+        /* m + n overflowed; on the chance that n lied, and there really
+         * is enough room, ignore it.  If n was telling the truth, we'll
+         * eventually run out of memory during the loop.
+         */
+        ;
+    else {
+        mn = m + n;
         /* Make room. */
         if (list_resize(self, mn) < 0)
             goto error;
         /* Make the list sane again. */
         Py_SIZE(self) = m;
     }
-    /* Else m + n overflowed; on the chance that n lied, and there really
-     * is enough room, ignore it.  If n was telling the truth, we'll
-     * eventually run out of memory during the loop.
-     */
 
     /* Run iterator to exhaustion. */
     for (;;) {
diff -r 829117ae2e55 Objects/tupleobject.c
--- a/Objects/tupleobject.c	Tue Jul 19 16:46:09 2016 -0500
+++ b/Objects/tupleobject.c	Fri Jul 22 16:06:42 2016 +0800
@@ -453,9 +453,9 @@
         return NULL;
     }
 #define b ((PyTupleObject *)bb)
+    if (Py_SIZE(a) > PY_SSIZE_T_MAX - Py_SIZE(b))
+        return PyErr_NoMemory();
     size = Py_SIZE(a) + Py_SIZE(b);
-    if (size < 0)
-        return PyErr_NoMemory();
     np = (PyTupleObject *) PyTuple_New(size);
     if (np == NULL) {
         return NULL;