? includes/table.inc
Index: includes/backend.inc
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/drush/includes/backend.inc,v
retrieving revision 1.29
diff -u -p -r1.29 backend.inc
--- includes/backend.inc	12 Apr 2010 14:41:49 -0000	1.29
+++ includes/backend.inc	15 Apr 2010 23:53:37 -0000
@@ -356,7 +356,7 @@ function _drush_backend_generate_command
     $command .= ' ' . escapeshellarg($arg);
   }
   // @TODO: Implement proper multi platform / multi server support.
-  $cmd = escapeshellcmd($drush_path) . " " . $option_str . " " . $command . " --backend";
+  $cmd = $drush_path . " " . $option_str . " " . $command . " --backend";
 
   if (!is_null($hostname)) {
     $username = (!is_null($username)) ? $username : get_current_user();
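Review bot: With `escapeshellcmd()` removed, `$drush_path` is concatenated into `$cmd` verbatim, so this line is only safe if every value that can reach it is already shell-quoted. The other hunk quotes the value returned by `drush_find_drush()`, but the hunk does not show whether `$drush_path` can also come from a caller-supplied argument or configuration; if it can, that value now reaches the shell unescaped. I would state the contract at the assignment, for example `// $drush_path must already be shell-escaped by the caller; it may hold "php script --php=..." and is not re-escaped here.`, and confirm each call site meets it. The function body begins and ends outside this hunk, so how `$option_str` is built could not be checked from here.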
Index: includes/environment.inc
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/drush/includes/environment.inc,v
retrieving revision 1.84
diff -u -p -r1.84 environment.inc
--- includes/environment.inc	8 Apr 2010 19:17:30 -0000	1.84
+++ includes/environment.inc	15 Apr 2010 23:53:38 -0000
@@ -997,13 +997,12 @@ function drush_valid_db_credentials() {
  * @see DRUSH_COMMAND
  */
 function drush_find_drush() {
- $php = drush_get_option('php');
- if (isset($php)) {
-    $drush = $php . " " . realpath($_SERVER['argv'][0]) . " --php=$php";
-  } else {
-    $drush = realpath($_SERVER['argv']['0']);
-  }
-  return $drush;
+  $drush = escapeshellarg(realpath($_SERVER['argv']['0']));
+  $php = escapeshellarg(drush_get_option('php'));
+  if (isset($php)) {
+     $drush = $php . " " . $drush . " --php=$php";
+   }
+   return $drush;
 }
 
 /**
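Review bot: In the new `drush_find_drush()`, `isset($php)` is always true because `escapeshellarg()` returns a string even when `drush_get_option('php')` yields null, so the PHP-prefix branch runs on every call. When no `php` option is set, the result would presumably start with an empty quoted argument and end in `--php=''`, which is not a runnable command. Test the raw option first and escape it inside the branch: `$php = drush_get_option('php');` then `if (isset($php)) { $php = escapeshellarg($php); $drush = $php . " " . $drush . " --php=$php"; }`. Separately, `realpath()` returns false when the path cannot be resolved and `escapeshellarg()` would turn that into an empty quoted string, so a check for false before quoting is worth adding.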
