The util_sh_escape function parses a specified string and places a backslash (\) in front of any shell-special characters, returning the resultant string. Use this function to ensure that strings from clients won’t cause a shell to do anything unexpected.
The shell-special characters includes space and the following characters:
char *util_sh_escape(char *s);
A newly allocated string.
char *s is the string to be parsed.