Adjust tests

Author: atorralba

java/ql/test/query-tests/security/CWE-807/semmle/tests/ConditionalBypassTest.java

@@ -29,9 +29,9 @@ public static void main(HttpServletRequest request) throws Exception {
 		if (adminCookie.getValue().equals("false")) // $ hasConditionalBypassTest
 			login(user, password);
 
-		// FALSE POSITIVES: both methods are conditionally executed, but they probably
+		// GOOD: both methods are conditionally executed, but they probably
 		// both perform the security-critical action
-		if (adminCookie.getValue() == "false") { // $ SPURIOUS: $ hasConditionalBypassTest
+		if (adminCookie.getValue() == "false") { // Safe
 			login(user, password);
 		} else {
 			reCheckAuth(user, password);
@@ -80,8 +80,8 @@ public static void test3(String user, String password) {
 		else {
 			// do something else
 			// BAD: login may not happen
-			return;
 		}
+		return;
 	}
 
 	public static void test4(String user, String password) {