Is my understanding correct?
Not quite.
For an RBG1 or an RBG2 (either flavor), it is correct (unless the RBG2 was reseeded extremely often, that is, effectively turning it into an RBG3(RS); see below for that case) - those are based in computational complexity assumptions and a computationally unbounded adversary could easily break it.
On the other hand, for RBG3(XOR), because the DRBG output is xor'ed in with the output of the entropy source, then if we assume that the entropy source has full entropy (that is, is itself informationally completely random), then the result is also full entropy. The xor'ing in of the data from the DRBG doesn't provide an in for our hypothetical attacker, as still any bit of the ultimate output is completely independent of all the rest of the bits of the ultimate output.
As for RBG3(RS), well, [Warning: significant hand-waving up ahead] I suspect our hypothetical attacker is likely to be able to distinguish a sufficiently long output from random; the idea is that the DRBG acts as $DRBG(S, RS) \rightarrow S', Output$, where $S$ is the initial state of the DRBG, $S'$ is the updated state, $RS$ is the reseeding data, and $Output$ is the block of output that the adversary can actually see. Now, this function is unlikely to generate $Output$ at exactly uniform probability distribution (and in addition, an unbounded adversary will get the updated probability distribution of $S'$, which is also not uniform); it appears likely to me that, for an unbounded adversary, the probability distributions would build up enough to be able to yield a distinguisher; however I am unable (being too lazy) to come up with any probable number of outputs needed.
