Bug #48392 mysql_upgrade improperly escapes passwords with single quotes
Submitted: 28 Oct 2009 21:03
Modified: 15 Nov 2009 19:07
Reporter: John Lightsey
Status: Verified
Category: MySQL Server: Command-line Clients
Severity: S3 (Non-critical)
Version: 5.0.86, 5.1.42
OS: Linux
Assigned to:
CPU Architecture: Any

[28 Oct 2009 21:03] John Lightsey
Description:
The problem seems to be more precisely in dynstr_append_os_quoted()

With /bin/sh you can't escape a single quote inside a single quoted string.

root@jd:~# sh -c "echo 'foo\'bar'"
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file

You actually have to leave the single quoted string, then escape the quote from the shell, then go back into the single quoted string.

root@jd:~# sh -c "echo 'foo'\''bar'"
foo'bar
root@jd:~#

How to repeat:
With mysql_upgrade this breaks when your password contains a single quote character.

root@jd:~# cat ~/.my.cnf 
[client]
user="root"
pass="test'1234"
root@jd:~# mysql_upgrade
Looking for 'mysql' as: mysql
Looking for 'mysqlcheck' as: mysqlcheck
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
Running 'mysqlcheck'...
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
FATAL ERROR: Upgrade failed

Strace showing the shell code:

17907 execve("/bin/sh", ["sh", "-c", "'mysql' '--no-defaults' '--user=root' '--password=test\\'1234' '--user=root'  '--database=mysql' '--batch' '--skip-force' '--silent' < sqlCb1Yum 2>&1 "], [/* 33 vars */]) = 0
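
The quoting rule described in this report, as an added C example (not MySQL's dynstr_append_os_quoted() and not code from the bug report): the hypothetical helper sh_quote() builds both the backslash form seen in the strace and the close, escape, reopen form, and survives_shell() passes each one through sh with popen(). The password argument is a constructed sample.

```c
#define _POSIX_C_SOURCE 200809L   /* for popen()/pclose() */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Quote arg as one /bin/sh word (hypothetical helper, not MySQL's code).
 * safe == 0: backslash before each ', the form seen in the strace above.
 * safe != 0: close the string, emit \', reopen it ('\''). Caller frees. */
char *sh_quote(const char *arg, int safe)
{
    const char *esc = safe ? "'\\''" : "\\'";
    size_t n = 3;                              /* two quotes + NUL */
    for (const char *p = arg; *p; p++)
        n += (*p == '\'') ? strlen(esc) : 1;
    char *out = malloc(n), *w = out;
    if (!out) return NULL;
    *w++ = '\'';
    for (const char *p = arg; *p; p++) {
        if (*p == '\'') { memcpy(w, esc, strlen(esc)); w += strlen(esc); }
        else *w++ = *p;
    }
    *w++ = '\'';
    *w = '\0';
    return out;
}

/* Run `printf %s <quoted>` under sh: 1 if the shell returns the original
 * bytes, 0 on a syntax error or mangled value, -1 if it could not run. */
int survives_shell(const char *arg, int safe)
{
    char cmd[512], got[256];
    char *q = sh_quote(arg, safe);
    if (!q) return -1;
    int len = snprintf(cmd, sizeof cmd, "printf %%s %s", q);
    free(q);
    if (len < 0 || (size_t)len >= sizeof cmd) return -1;
    FILE *fp = popen(cmd, "r");
    if (!fp) return -1;
    size_t r = fread(got, 1, sizeof got - 1, fp);
    got[r] = '\0';
    return pclose(fp) == 0 && strcmp(got, arg) == 0;
}

int main(void)
{
    const char *pw = "--password=test'1234";   /* constructed sample */
    printf("backslash form intact: %d\n", survives_shell(pw, 0));
    printf("'\\'' form intact:      %d\n", survives_shell(pw, 1));
    return 0;
}
```
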
[15 Nov 2009 19:07] Valeriy Kravchuk
Verified just as described, also - with 5.1.42 on Mac OS X.

[19 Jul 2013 14:56] Jeff Petersen
The issue still persists:

--
# grep \' .my.cnf 
pass="test'password"
--
# mysql_upgrade 
Looking for 'mysql' as: mysql
Looking for 'mysqlcheck' as: mysqlcheck
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
FATAL ERROR: Upgrade failed
--

Here's another report:
https://mariadb.atlassian.net/browse/MDEV-4664

May we have an update on this please?

Thanks.