Correctly quote and escape command line argument passed to "sh -c" (#787203)

Shell fragments must be properly quoted and escaped to prevent execution
of unintended commands derived from user controllable data.  For
example:

    $ printf '#!/bin/sh\necho test > out\n' > script.sh
    $ chmod +x script.sh
    $ truncate -s 20M 'jfs;script.sh'
    $ mkfs.jfs -q 'jfs;script.sh'
    $ ls -l out
    ls: cannot access out: No such file or directory

    $ sudo PATH=$PWD:$PATH /usr/local/bin/gparted 'jfs;script.sh'
    $ sudo PATH=$PWD:$PATH /usr/local/bin/gparted 'jfs;script.sh'

    $ ls -l out
    -rw-r--r-- 1 root root 5 Sep 12 23:11 out
    $ cat out
    test

What is happening is that jfs::set_used_sectors() is using the device
name 'jfs;script.sh' without quoting it and passing it to the shell to
execute like this:
    sh -c 'echo dm | jfs_debugfs jfs;script.sh'
which the shell duly executes as these two commands:
    echo dm | jfs_debugfs jfs
    script.sh

This could be a security related issue as "sh -c" is able to execute
arbitrary shell commands from the argument if if contains shell special
characters.  Use Glib::shell_quote() [1] to quote and escape file names
and whole commands passed to the shell.

[1] Glib::shell_quote(const std::string & unquoted_string)
    https://developer.gnome.org/glibmm/stable/group__ShellUtils.html
    "Quotes a string so that the shell (/bin/sh) will interpret the
    quoted string to mean unquoted_string.

    If you pass a filename to the shell, for example, you should first
    quote it with this function."

Bug 787203 - Correctly quote and escape arguments of external programs
             passed to execute_command()