--- a/ChangeLog	Sat Dec 02 21:57:12 2006 +0000
+++ b/ChangeLog	Sun Dec 03 01:20:31 2006 +0000
@@ -1,3 +1,8 @@
+Sat Dec  2 20:15:22 2006  John Ellis  <johne@verizon.net>
+
+	* editors.c: Escape the 4 characters [ "`$\ ] in filenames passed
+	to the system shell. Assumes bash-like escaping syntax for "sh -c".
+
 Sat Dec  2 16:44:48 2006  John Ellis  <johne@verizon.net>
 
 	* image-overlay.[ch]: More work on osd icons.

--- a/src/editors.c	Sat Dec 02 21:57:12 2006 +0000
+++ b/src/editors.c	Sun Dec 03 01:20:31 2006 +0000
@@ -1,6 +1,6 @@
 /*
  * GQview
- * (C) 2004 John Ellis
+ * (C) 2006 John Ellis
  *
  * Author: John Ellis
  *
@@ -321,6 +321,33 @@
 	return TRUE;
 }
 
+static gchar *editor_command_path_parse(const gchar *path)
+{
+	GString *string;
+	gchar *pathl;
+	const gchar *p;
+
+	string = g_string_new("");
+	p = path;
+	while (*p != '\0')
+		{
+		/* must escape \, ", `, and $ to avoid problems,
+		 * we assume system shell supports bash-like escaping
+		 */
+		if (strchr("\\\"`$", *p) != NULL)
+			{
+			string = g_string_append_c(string, '\\');
+			}
+		string = g_string_append_c(string, *p);
+		p++;
+		}
+
+	pathl = path_from_utf8(string->str);
+	g_string_free(string, TRUE);
+
+	return pathl;
+}
+
 static gint editor_command_one(const gchar *template, const gchar *path, EditorVerboseData *vd)
 {
 	GString *result = NULL;
@@ -335,7 +362,7 @@
 	current_path = getcwd(path_buffer, sizeof(path_buffer));
 
 	result = g_string_new("");
-	pathl = path_from_utf8(path);
+	pathl = editor_command_path_parse(path);
 
 	ptr = template;
 	while ( (found = strstr(ptr, "%p")) )
@@ -536,7 +563,7 @@
 
 			if (work != list) g_string_append_c(result, ' ');
 			result = g_string_append_c(result, '"');
-			pathl = path_from_utf8(path);
+			pathl = editor_command_path_parse(path);
 			result = g_string_append(result, pathl);
 			g_free(pathl);
 			result = g_string_append_c(result, '"');